Need help figuring out where I went wrong with certificates post security breach.
I have followed the instructions for creating a new certificate and making our custom Apps use the new certificate. But both before and after applying the new certificate to the App within OneLogin management, attempting to login to a custom App results in the browser looping through making requests to the following url, the value of the SAMLRequest param changes with each request:
A little bit more about our setup. We have 9 custom Apps. Each with an instance in our QA environment and in our Production environment. I have only made the certificate changes to the QA instances so far so that we can verify the changes work before pushing the changes to production. Both the old and new certificates use SHA1.
Please sign in to leave a comment.