3347449 - Determining the correct component for signed SAML certificate

There are misunderstanding on which component to assign a case in regards to uploading signed SAML Certificates taken from the IDP depending on which product is being utilized.

SAP SuccessFactors HCM Suite

If the system is hosted on SAP SuccessFactors HCM Suite, the solution to update the SAML signed certificate taken from the IDP is not through STRUST but rather through provisioning and only Partners and Support have access to Provisioning. . The correct component for this is LOD-SF-PLT-CER  and is further explained in KBA 2088838 - How to Update SSO Certificates/Tokens in SuccessFactors HCM Suite

If this is not hosted on SAP SuccessFactors HCM Suite and rather on SAP ABAP Netweaver, this KBA walks you through how to update the expired certificate: 2462389 - SAML2.0: Renew IdP signing certificate on Service Provider on NetWeaver ABAP without downtime

Note: Specifically, the current SAP SuccessFactors HCM suite Single Sign-On (SSO) certificate is set to expire on June 2, 2025. After June 2, 2025, for those customers still using the old SSO certificate AND not integrated with SAP Cloud Identity Services – Identity Authentication, users will no longer be able to access SAP SuccessFactors HCM suite, causing downtime for the system. Therefore, we are requesting all SAP SuccessFactors HCM suite SSO customers not yet integrated with the Identity Authentication service to migrate to Identity Authentication or renew the certificate before June 2, 2025, to avoid downtime. 

• SAP KBA 2088838 - How to Update SSO Certificates/Tokens in SuccessFactors HCM Suite
• SAP KBA 2462389 - SAML2.0: Renew IdP signing certificate on Service Provider on NetWeaver ABAP without downtime

SAML, SuccessFactors HCM Suite, Renewal, SSO certificate,  ABAP, Netweaver , KBA , LOD-SF-PLT-CER , SAML Certificate Change , BC-SEC-LGN-SML , SAML 2.0 for ABAP , How To