SAML IDP certificate has expired, but users can still login?

New Member

Hi There,

We set up SAML with ADFS for one of the clients 3 years ago. In the client's ADFS setup, I found that the Splunk certificate is expired (SAML Splunk metadata). I tried to give them the new certificate from the latest SAML metadata it didn't let users log in.

I am confused, as to how login is still happening for the users if Splunk's certificate is expired in ADFS. Also, what can be done so that the Splunk certificate in ADFS is renewed?

which certificate is used for a handshake in SAML ADFS


Labels (2)
0 Karma
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...