Expired Certificate Message After Installing Updated Cert

Document ID : KB000124008
Last Modified Date : 28/12/2018
Show Technical Document Details
Issue:
After replacing an expiring cert, all partnerships using that cert are working as expected except one that appears to be using the old cert details.  Here is the error we are seeing:

[13162/140035579959040][Sun Dec 23 2018 12:14:30][AssertionGenerator.java][ERROR][sm-FedServer-00120] postProcess() throws exception: ncom.netegrity.assertiongenerator.AssertionGeneratorException: Error while signing Assertion! Exception: 
com.netegrity.smkeydatabase.api.XMLDocumentOpsException: SignInProtocol: Exception when signing SAML Assertion - WSFEDSigner: Exception while signing XML document. 
com.netegrity.smkeydatabase.api.XMLDocumentOpsException: Caught an Exception calling signXMLDocument using IXMLSignature. XMLSignatureApacheImpl.signXMLDocument(): Signing certificate has expired.
Cause:
Since multiple partnerships are using the certificate successfully, we know that the problem was within the one partnership that could not successfully use the cert.  While it is possible to analyze and identify the root cause of this type of inconsistency, it's usually easiest to correct by using the Admin UI to delete and recreate the object within the problematic configuration.
Resolution:
Remove the cert from the problematic partnership, save the partnership, then add the cert back.