Are we able to use a signed certificate in the SAML keystore to replace the self-signed cert that is generated for it?
If so, how?

Release : 9.2.0

Component : UIM - UMP LIFERAY

You can use the same signed cert you use for the wasp probe in the SAML keystore.  The steps to do so, follow:

1. Disable wasp probe.
2. Use the keytool utility to list the alias present in wasp.keystore and copy wasp.keystore to the /data folder where the self-signed keystore is located.
3. Backup the self-signed keystore and rename it.
4. Rename wasp.keystore as keystore.jks.  SAML does not recognize the keystore unless it was named keystore.jks, even if you specify the file name 'wasp.keystore' in portal-ext.properties.
5. Change the saml.keystore.password in portal-ext.properties to the wasp.keystore password
6. Change the saml.keystore.credential.password[alias] in portal-ext.properties to the wasp.keystore password.  Also, change the value in brackets to the keystore alias used in wasp.keystore\
7. Change the saml.entity.id in portal-ext.properties to the alias used in wasp.keystore.
8. Restart wasp probe.