Not Considering

Since the Tridion Sites 10 release, we have dropped support for web-based (old-way configuration) SAML authentication. Configuring a certificate the old way in .config files is not relevant anymore.

Instead, you have to configure SAML authentication by configuring a SAML IdP in Access Management. Tridion Access Management provides centralized security configuration for all Tridion applications.

Doing away with having 'thumbprint' in any Tridion configuration files.

When setting up SAML authentication, Tridion-provided PowerShell scripts such as 'SetupSAML.ps1' added/updated the 'thumbprint' in a few .config files (such as %TRIDION_HOME%\bin\TcmServiceHost.exe.config).

For customers that have SSL certificates that expire yearly, and who have many environments/systems, it is a huge chore to update certificates, as all those Tridion configuration files need to be updated again accordingly.

It would be ideal if we could come up with a way to either store the thumbprint in just one file (or somehow do away with storing any thumbprint information in any Tridion configuration files).
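
An added example, not part of the original post and not a Tridion-supplied script: a PowerShell audit that lists every .config file under %TRIDION_HOME% containing a certificate thumbprint and checks that certificate's expiry, so the files that need updating at rotation time are known in advance. It assumes thumbprints are 40-hex-digit SHA-1 values and that the certificates sit in the LocalMachine\My store; the function name and its parameters are hypothetical.

```powershell
# Added example (not a Tridion script). Assumptions: thumbprints are 40-hex-digit
# SHA-1 values and the certificates live in the LocalMachine\My store.
function Get-ConfigThumbprintReport {
    param(
        [string]$Root     = $env:TRIDION_HOME,        # folder to scan recursively
        [string]$Store    = 'Cert:\LocalMachine\My',  # assumed certificate store
        [int]   $WarnDays = 30                        # flag certs expiring within this window
    )
    if (-not $Root -or -not (Test-Path -Path $Root)) {
        throw "Scan root '$Root' not found; pass -Root explicitly."
    }
    # Exactly 40 hex digits, not embedded in a longer hex run.
    # Any other 40-digit hex value in a file will also match, so review the hits.
    $pattern = '(?<![0-9A-Fa-f])[0-9A-Fa-f]{40}(?![0-9A-Fa-f])'
    $now = Get-Date

    Get-ChildItem -Path $Root -Recurse -File -Filter '*.config' -ErrorAction SilentlyContinue |
        Select-String -Pattern $pattern -AllMatches |
        ForEach-Object {
            $hit = $_
            foreach ($m in $hit.Matches) {
                $thumb = $m.Value.ToUpperInvariant()
                # Look the thumbprint up in the store; $null when it is not installed.
                $cert = Get-Item -Path "$Store\$thumb" -ErrorAction SilentlyContinue
                $status = if (-not $cert) { 'NotInStore' } elseif ($cert.NotAfter -lt $now) {
                    'Expired'
                } elseif ($cert.NotAfter -lt $now.AddDays($WarnDays)) {
                    'ExpiringSoon'
                } else { 'OK' }
                [pscustomobject]@{
                    File       = $hit.Path
                    Line       = $hit.LineNumber
                    Thumbprint = $thumb
                    NotAfter   = if ($cert) { $cert.NotAfter } else { $null }
                    Status     = $status
                }
            }
        }
}

# One row per thumbprint occurrence, grouped so stale references stand out.
Get-ConfigThumbprintReport | Sort-Object Thumbprint, File | Format-Table -AutoSize
```

A 'NotInStore' row after a certificate renewal marks a config file that still references the old thumbprint.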