We are running Splunk enterprise 8.2.4 and it has been working fine with SSO authentication until I updated the SSL certificate, the certificate that was updated is the one referenced in my web.conf and my web browser show the new certificate however it broke SSO
Please note the updated certificate is also used in authentication.conf by Saml (ClientCert)
Error message below are seen on splunk _internal logs
ERROR UiSAML [66314 webui] - IDP failed to authenticate request. Status Message="" Status Code="Responder"
ERROR Saml [66314 webui] - Failed to parse issuer. Could not evaluate xpath expression /samlp:Response/samlp:Status/samlp:StatusMessage or no matching nodes found. No value found in SamlResponse for key=/samlp:Response/samlp:Status/samlp:StatusMessageCould not evaluate xpath expression /samlp:Response/samlp:Status/samlp:StatusDetail/Cause or no matching nodes found. No value found in SamlResponse for key=/samlp:Response/samlp:Status/samlp:StatusDetail/CauseCould not evaluate xpath expression //saml:Assertion/saml:Issuer or no matching nodes found. No value found in SamlResponse for key=//saml:Assertion/saml:Issuer
How can I fix the problem please?