"An expired certificate may disable federation with the identity provider setup with your organization. The certificate can be regenerated from the SAML Configuration page.” warning about federation certificate expiration in Cloud Director
Article ID: 325512
Updated On:
Products
Issue/Introduction
- Federation certificate expiration notification emails are sent by Cloud Director to administrators similar to the following:
An expired certificate may disable federation with the identity provider setup with your organization. The certificate can be regenerated from the SAML Configuration page.
- Option to regenerate SAML certificate is not available in the Cloud Director UI as no SAML configuration exists in the Tenant Organization.
Environment
Cause
Resolution
The issue is resolved in VMware Cloud Director 10.4.1, available at VMware By Broadcom Downloads.
Workaround:
To workaround the issue in Cloud Director 10.4 without upgrading the Cloud Director API can be used to perform the regeneration of the Federation Certificate for SAML.
Use the Cloud Director API POST /admin/org/{id}/settings/federation/action/regenerateFederationCertificate to regenerate federation certificate for the Tenant to remove the warning about Federation certificate expiration.
Details of this API method are available in the VMware Cloud Director API documentation.
For more information on logging into the Cloud Director API and making requests see the KB article on How to establish an API connection VMware Cloud Director (56948).
Feedback
