When trying to apply changes to a virtual proxy set up with SAML authentication, the error "invalid signing certificate in the metadata file" appears.
Environments:
As the message says, the certificate provided in the IdP metadata file is invalid, the most common reason is that it has expired.
Example:
<KeyDescriptor use="signing">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
<X509Certificate>
MIIC8DCCAdigAwIBAxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxIDxibeHXAszya
</X509Certificate>
</X509Data>
</KeyInfo>
</KeyDescriptor>
By copying the certificate from the IdP file and decoding it, you will be able to see the expiration date.
For example, a website such as https://www.sslshopper.com/certificate-decoder.html can be used to decode the certificate.