...
3. Log on to your old server. Go to shibboleth installation directory(/etc/shibboleth on Linux, c:\opt\shibboleth-sp on Windows). Verify the expiration day of the encryption certificate( signing certificate usually have has the same expiration day as the encryption certificate so you only need to verify encryption certificate)
Open sp-encrypt-cert.pem in text editor, copy the content and paste it in online certificate decoder: https://www.sslshopper.com/certificate-decoder.html. It will tell you the expiration day.
...
- do NOT copy them to the new server. Use the newly generated certificates on the new server instead( encryption certificate and signing certificate are automatically generated during Shibboleth SP installation. If they are not generated, follow Shibboleth installation guide to generate them).
- Open shibboleth2.xml, give change the entityID to a different value.
- Get your SP's new metadata. Then submit your metadata from https://shibrequest.cit.cornell.edu
...