When running an AdminUI, should the Parthership be desactivated when a
certificate needs to be updated ?
At first glance, from documentation, the partnership doesn't need to
be desactivated to update the certificate (1).
Modify Certificate Settings for an Active SAML 2.0 Partnership
For SAML 2.0 Idp-to-SP and SP-to-IdP partnerships, you do not have
to deactivate the partnership to change the certificate
settings. You can modify the certificate settings while the
partnership is active.
We recommend that you modify only one certificate setting at a
time during non-peak hours to avoid transaction failures. Save the
changes to a setting before you modify another setting.
After you save the changes, the next federation transaction uses
the new certificate configuration values. The run time
automatically picks up the changes. You do not need to flush the
cache from the UI for the changes to take effect.