Please check the validity of your existing SSO certificate.  If the certificate has expired, you will need to obtain a new certificate from your SSO provider as a first step.  While arranging the renewal, please open a support ticket with Broadcom, and request to update your certificate.

For SSO, AppNeta uses the Identity Provider PingOne and AuthHub, and SSO certificates are provided by customers through metadata, as our iDP does not support certificate uploads.

When expiring, a copy of the metadata including the new cert is provided by the customer and uploaded to the support case to update the the Identity Provider (IdP).

We recommended performing the change certificate change during a scheduled call.  The support team will make the change with the IdP, using the updated certificate provided.   When completed, the customer can perform testing to confirm the the service continues to work as expected.  We recommend testing using an incognito browser window.

Additional details for SSO can be found here:
https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/appneta/GA/system-administration/single-sign-on.html