Replacing the SSO Certificate Overview
This document is the overview and steps to replace the SSO certificate in the Bitsight platform with any current SAML configuration. The steps below will outline how to replace your SSO certificate in the Bitsight platform.
Getting Started
The Bitsight SAML configuration can be updated with no need to disable SAML on your account. To get started, you will need either the new certificate or XML data as provided by your Identity Provider. You must have admin privileges to access the company SAML settings.
Accessing Your SAML Configuration
Updating Your SAML Configuration
Now that you are in the SAML configuration you can live update the metadata or certificate without having to de-federate the instance. There are two ways to update the certificate in the Bitsight platform. The first way to update is by uploading the new XML file provided by your IDP or copy and pasting the new certificate into the existing configuration. Below are the steps for both options.
CAUTION:
Before making any changes we recommend saving the existing metadata on your account. You can do this by copy and pasting the existing XML metadata from the Bitsight platform into a .txt document or save as an .xml file.
Updating Your SAML Configuration with Metadata
If you decide to replace the entire metadata file this section will explain the steps to proceed. This process will require you to obtain the new XML file from your Identity Provider for upload into the Bitsight platform.
- To get started scroll down in the SAML configuration and select Open File
- Once you select (open file) find the XML file provided to your by your identity provider.
- Once you have selected the XML file from your local computer this will automatically replace the existing XML data.
- Once completed scroll to the bottom of the SAML configuration page and select Update.
This will complete the updating of the Metadata and new certificate in the Bitsight platform. If this is successfully updated there is no need to proceed any further, the certificate update is now complete. You may test logging into the Bitsight platform.
Updating Your SAML Configuration with Copy/Paste
If you decide to replace the certificate only in the existing Metadata you may do so in the field marked MetaData. If you have already taken the step above and replaced the XML file there is no need to continue with this step and your update is already complete.
- To Get started scroll down to the filed marked Metadata.
- In this field is your existing Metadata.
- The certificate in this Metadata is starting from
<ds:X509Certificate>
and ends in</ds:X509Certificate>
- To replace this certificate simply highlight the existing certificate between the tags
<ds:X509Certificate>
and</ds:X509Certificate>
then paste the new certificate between these tags. - Once completed, select Update at the bottom of the configuration.
- This will complete the updating of the new certificate in the Bitsight platform.