Invalid Signing Certificate Chains configured.
Note: If you elect to use an existing certificate from your own CA, proceed to Step 2 to add new certificate.
For the Auth Connector service to regenerate the new self-signed certificate, remove the old (expired) self-signed cert from the Auth Connector folder and restart the Auth Connector service.
If certificate doesn't recreate automatically, the "CreateCertificate" value in file "C:\Program Files (x86)\Blue Coat Systems\BCCA\saml.ini" needs to be set to "1":
Users are now able to authenticate with a new self-signed certificate.