After update Certificate in SAML Idenitity Provider (as SSO) IM yet continues authenticating and the expected result if that before we update the certificate in IM side this authentication fails.

Identity Manager 14.5 on Vapp

Root cause: In the few case Certificate's Signature can be part of Assertions which IDM was not able to handle.

Solution: In the few case Certificate's Signature can be part of Assertions which IDM was not able to handle so we added conditions and redirected to samlerror.jsp page with error message.