+8Both Commvault AI and Commvault human support (human support seems to use copy-paste from their own AI) say that we need to re-add the Azure SSO configuration in order to renew the SAML certificate.
This seems very inconvenient.
This means I need to ask the customer to complete all the steps to create a new application with the correct details once more.
Is there no way to renew the certificate and upload it to the existing Azure SSO config in Commvault?
Best answer by sbhatia
If you’re renewing the SAML certificate in Azure and need to update it in Commvault without redoing the whole setup, here’s how you can:
In Azure AD, go to your Enterprise Application used for Commvault SSO. Under Single sign-on, find the SAML Certificates section and click Edit. Add a new certificate, but don’t activate it right away. Once it’s created, download the Federation Metadata XML. After that, activate the new certificate.
Now navigate to Commvault Command Center. Go to Manage > Security > Identity servers, and select the identity server linked to your Azure SSO. Under the Identity provider metadata tab, click Edit and upload the metadata XML you just downloaded. Save it.
Hopefully, this should update the cert and metadata without needing to rebuild the SSO config from scratch.
+9If you’re renewing the SAML certificate in Azure and need to update it in Commvault without redoing the whole setup, here’s how you can:
In Azure AD, go to your Enterprise Application used for Commvault SSO. Under Single sign-on, find the SAML Certificates section and click Edit. Add a new certificate, but don’t activate it right away. Once it’s created, download the Federation Metadata XML. After that, activate the new certificate.
Now navigate to Commvault Command Center. Go to Manage > Security > Identity servers, and select the identity server linked to your Azure SSO. Under the Identity provider metadata tab, click Edit and upload the metadata XML you just downloaded. Save it.
Hopefully, this should update the cert and metadata without needing to rebuild the SSO config from scratch.
+8Yes bro, thank you. I found it.
I saw the pencil-icon on that tab, but in my mind this was for editing the text boxes that are visible there. So I didn’t even click on it to check. When clicking the pencil-icon on that page, the upload dialog box appears.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
