Currently I am adding partner certificates using “AddPartnerIdentityProviderCertificate” but I do not see a way to add secondary certificates.
Ryan
Does adding SecondaryPartnerCertificateFile, as mentioned here, work? http://componentspace.com/Forums/FindPost7775.aspx
Secondary certificates may be added either through saml.config or programmatically.
For example:
<PartnerIdentityProvider
    Name="XXXX"
    PartnerCertificateFile="old.cer"
    SecondaryPartnerCertificateFile="new.cer"/>
Or:
samlConfiguration.AddPartnerIdentityProvider(
    new PartnerIdentityProviderConfiguration()
    {
        Name = "XXXX",
        PartnerCertificateFile = @"old.cer",
        SecondaryPartnerCertificateFile = "new.cer"
    });
The same applies for a partner service provider.
I don’t think the post you referenced helps. The secondary certificate in the post appears to be added via the config file. We are not using config files. We are building everything through your API and I cannot find any reference to the “secondary certificate” within the API. Currently we are adding all the identity provider certificates through this method:
AddPartnerIdentityProviderCertificate(ConfigurationID, PartnerIdentityProviderName, x509Certificate)
And there is no corresponding method for secondary certificates. At least none that I can find.
Ryan
Because of our unique use case, we are using a “custom SAML certificate manager”. Can a secondary certificate be added when using a custom certificate manager?
Ryan
Support for secondary and, in fact, tertiary certificates was added relatively recently. Support for these can be included in custom certificate managers as well.
Perhaps you’re using an earlier version.
Please email us so we can discuss upgrade options.