Changes made to a certificate tied to a third-party authentication source require an update to metadata within the virtual proxy

Third party authentication using the SAML protocol needs updated metadata within Qlik Sense and the SAML IdP after any changes are made to the certificate.

Not updating metadata after changes were made to a certificate will cause the connection to fail. In order to verify the connection is from an authorized source and complete the SSO process, metadata must be updated by both parties. You will likely see “Error 500 - Internal server error” within your browser when trying to access Qlik Sense, through the virtual proxy that was setup for SAML, if you have not updated the metadata.        

These instructions are assuming changes were made to a previously installed and working certificate thus causing it to stop working. Deleting the proxy and recreating it will also work.    
 

Updating SP Metadata

1. Within the QMC under virtual proxies select the SAML proxy

2. Click the Download SP metadata button at the bottom of the screen

3. After the file is downloaded give this to your SAML provider so they can update the IdP information

4. Once they complete the change have them return the file to you

5. Choose the virtual proxy used for SSO in the QMC and click Edit

6. Under the properties heading chose authentication   

7. Look at the area that says SAML IdP metadata

8. Click chose file and point to the location of the file your provider returned to you

9. Click Apply