After an upgrade ,SAML 2.0 Keystore_Key2048_SHA256 certificate and Java keystore have the value of "active" set to false.
Steps to Reproduce
Install the multi-SSO plugin.
Set the certificate SAML 2.0 Keystore_Key2048_SHA256 to true.
Upgrade the instance.
Check whether the certificate SAML 2.0 Keystore_Key2048_SHA256 is set to false.
If you are using SHA256 for your encryption:
Create a new record containing the same SAML 2.0 Keystore_Key2048_SHA256.
Name the record SAML 2.0 Keystore_Key2048_SHA256_2 and set it to true.
Change the default keystore to match the new record by going to /sys_properties_list.do and setting glide.authenticate.sso.saml2.keystore to the new sys_id of your certificate.
Related Problem: PRB1058696