Updating Infor LTR for new STS signing certificate

Update LTR for a new STS signing certificate. For muti-node deployments, this only needs to be done on primary node.

Note: Other Infor applications integrated with STS will require updating to the new signing certificates. Follow those application guides for proper steps. Integrated IdPs may also need the new signing certificate, download and apply the signing certificate based on these IdP signing certificate updating instructions.

After new signing certificate is active:

  1. Click on the Download Federated Metadata tab and select the Download SAML/WS-Fed IdP Metadata XML URL, right click and choose Copy.
  2. Open LTR manager, supply the SQL details and access your LTR farm.
  3. Select Identity Providers from the Object Explorer and double click the InforSTS_PSC provider.
  4. Select the From Url Import SAML Metadata radio button. Paste the SAML/WS-Fed IdP Metadata XML URL into the Value field and click Load. Note the change in the Primary Certificate. Click Save, click OK on the confirmation message.
  5. Select Infor LTR (Farm_name) under Object Browser and click the Save button. Click Yes on the Confirm action requires application restart message. Click OK on the Save Successful message. Close LTR Manager.
  6. Perform an iisreset using command prompt run as an administrator.
  7. Access the Grid by going to <InstallDir>/InforTechstackGrid/bin/ folder and selecting the AdminUI.cmd.
  8. In the Infor LTR Grid select the Security tab and then the SAML tab. Select Identity Provider and then expand Trusted Signing Certificates, note the Validity To date.
  9. Click the Import IdP Metadata link and click Import. Click Close when complete and make note of the new Validity To date.
  10. Update any integrated Infor applications and IdPs as required, validate authentication and access to the Infor LTR portal.