SAML IDP certificate has expired, but users can still login?

New Member

Hi There,

We set up SAML with ADFS for one of the clients 3 years ago. In the client's ADFS setup, I found that the Splunk certificate is expired (SAML Splunk metadata). I tried to give them the new certificate from the latest SAML metadata it didn't let users log in.

I am confused, as to how login is still happening for the users if Splunk's certificate is expired in ADFS. Also, what can be done so that the Splunk certificate in ADFS is renewed?

which certificate is used for a handshake in SAML ADFS


Labels (2)
0 Karma
Get Updates on the Splunk Community!

Security Highlights: September 2022 Newsletter

 September 2022 The Splunk App for Fraud Analytics (SFA) is now Splunk SupportedUse your existing Splunk ...

Platform Highlights | September 2022 Newsletter

 September 2022 What’s New in 9.0 and How to UpgradeGet a walk through of what is new Splunk Enterprise 9.0 ...

Observability Highlights | September 2022 Newsletter

 September 2022 Splunk Observability SuiteAccess to "Classic" SignalFx Interface Will be Removed on Sept 30, ...