Skip to main content
ExLibris
  • Subscribe by RSS
  • Ex Libris Knowledge Center

    How to replace the Alma signing certificate expiring in the near future?

    • Product: Alma, Primo VE
    • Product Version: any
    • Relevant for Installation Type: Multi-Tenant Direct, Dedicated-Direct, Local, TotalCare

    please work with your IT to update Alma and SAML IdP at the same time to avoid service interruption

    1.    Log into Alma

    2.    Go to the integration profiles section: Configuration Menu > General > External Systems > Integration Profiles

    3.    Open the SAML profile (with integration type as SAML)

     

    clipboard_ef1278e5d293a25ef18c3187dc5e201be.png

     

    4.    Update the profile as the following:

    a.       In the “Alma metadata file version” dropdown menu, select the “Version 20nn …” certificate or “Signed certificate … 20nn”.

    b.       Click “Save” button (top right) to save the changes

     

    clipboard_efb5569455ce562f24fb3e37ad0a9153c.png

     

    5.    Update the profile as the following:

    a.       In the “Alma metadata file version” dropdown menu, select the “Version 20nn …” certificate or “Signed certificate … 20nn”.

    b.       Click “Save” button (top right) to save the changes

     

    6.    Send the following metadata file link(s) to your IdP administrator:

    20nn self signed:

    https://<ALMA_BASE_URL>/view/saml/metadata?VERSION=VERSION_20nn_NEW

    https://<PRIMO_VE_BASE_URL>/view/saml/metadata?VERSION=VERSION_20nn_NEW

    OR 20nn DigiCert:

    https://<ALMA_BASE_URL>/view/saml/metadata?VERSION=SIGNED_20nn

    https://<PRIMO_VE_BASE_URL>/view/saml/metadata?VERSION=SIGNED_20nn

    (If you have Primo VE, a second link with the PRIMO_VE_BASE_URL needs to be sent as well)

    7.    The IdP administrator uses the new certificate information in the metadata file(s) to update the related IdP relying party trust

     


    • Article last edited: 15-AUG-2023