Update Kantega SSO SAML signing certificate in Okta

Owned by Elias Brattli Sørensen
Last updated: Oct 26, 2023
2 min read

SAML certificates from both parties (Service Provider/Kantega SSO & SAML Provider/Okta) must be uploaded at the other party to establish trust. This procedure must be followed each time certificates expire for each SAML integration. In Kantega SSO Enterprise, you get a warning when the SAML signing certificate is expiring soon.

Download Kantega SSO Certificate
The new certificate is a .cer file which must be uploaded on the service provider / enterprise application at the SAML provider.

  1. Click add new standby key

  2. Download the .cer file:

 

Okta upload

  1. In the App Integration, in the General tab, click Edit on SAML Settings

  2. Under General Settings, click next

  3. Under Configure SAML in Edit SAML integration (Step 2 in the SAML setup), select Advanced settings, and you will see the option to upload the new certificate under “Signature Certificate” (the .cer file downloaded earlier):

     

Back in Kantega SSO

After the certificate has been uploaded, you may click Promote on the new standby certificate you added earlier, and the new key will now the the one in use to sign the Kantega SSO SAML requests.