I had an issue that presented itself over the weekend. The IDM user app just stopped authenticating with eDir for some reason, with the following error: "Identity Manager authentication is not correctly configured or Identity Manager to eDirectory SAML communication is not functioning correctly. Please contact an administrator to correct the problem."

I have logged a HIGH Priority SR with NetIQ but am still awaiting a response...

My analysis this morning has, I believe, identified the culprit. As part of the installation / configuration of the RBPM to eDirectory SAML component, configupdate.sh creates a self-signed certificate and stores it in:


That self-signed certificate appears to have expired on Friday evening at 1713 hrs.
Now, I'm not sure how we can renew this cert. I couldn't find any literature on how to do it properly. A previous post on here, which was left unanswered, indicated that you could modify the XMLData directly, but surely that is not the official fix.

Additionally, there is no advice on how you should generate the new replacement cert, as the existing cert was created by the installation package.

We are running IDM v4.5.1 SP1.

Any help you can provide would be much appreciated.

Kind regards