Unable to import new certificates when uploading metadata exported from IdP portal

Created On 09/02/24 05:17 AM - Last Modified 10/17/24 21:42 PM


Symptom


  • After renewing the certificate, the metadata is imported without error.
  • However, the certificate date displayed after import is wrong (it shows the old certificate's date).
  • When inspecting the metadata XML file, both the old and the new certificate are present:
  • % less Azure_Metadata.xml | egrep "X509Certificate|ds:X509Data|SecurityTokenServiceType|ApplicationServiceType|IDPSSODescriptor"
    <X509Certificate>MIIC8DCCAdigAwIBAg...OLD_CERT...BPOrmadG3184X</X509Certificate>
    <X509Certificate>MIIC8DCCAdigAwIBAg...NEW_CERT...CmJctdchNbK9M</X509Certificate>
    </IDPSSODescriptor>
  • req_stats.log shows the metadata that was uploaded:
  • > less mp-log req_stats.log
    <request cmd="op" cookie="xxxxxxxx"><operations xml="yes"><upload><idp-metadata><content>********</content><name>Azure_Metadata.xml</name><profile-name>SAML_Test</profile-name><validate-idp-certificate>no</validate-idp-certificate></id





Environment


  • Panorama
  • Azure IDP
  • SCM (Strata Cloud Manager)


Cause


The old certificate was not removed from Azure, so the exported metadata still lists both the old and the new certificate.



Resolution


The following workaround is based on Microsoft Q&A guidance.

  1. Delete the old certificate from Azure.
  2. Download the new metadata.
  3. Import it on Panorama/Strata Cloud Manager.
  4. Work with an Azure expert and open a support case if the issue persists after implementing the above workaround.
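Between steps 2 and 3, it is worth confirming that the freshly downloaded metadata carries only the renewed signing certificate before it is imported. The following Python script is an added example, not code from this article or from Palo Alto Networks: it lists every signing certificate under IDPSSODescriptor with its SHA-256 fingerprint and validity window, flagging any that has already expired, using only the standard library (a small DER walker reads the Validity field). The sample metadata and the two tiny fake DER certificates inside it are constructed for the demo and are not Azure's data.

```python
import base64, hashlib, xml.etree.ElementTree as ET
from datetime import datetime, timezone
NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata", "ds": "http://www.w3.org/2000/09/xmldsig#"}

def der_tlv(data, pos=0):
    """Return (tag, value_start, value_end) of the DER element at pos (handles long-form length)."""
    tag, length, pos = data[pos], data[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(data[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def cert_validity(der):
    """Walk Certificate -> tbsCertificate; Validity is the first SEQUENCE whose first child is a time."""
    _, pos, end = der_tlv(der, der_tlv(der)[1])
    while pos < end:
        tag, start, nxt = der_tlv(der, pos)
        if tag == 0x30 and der[start] in (0x17, 0x18):  # UTCTime / GeneralizedTime
            times = []
            for _ in range(2):  # notBefore, then notAfter
                t, s, e = der_tlv(der, start)
                fmt = "%y%m%d%H%M%SZ" if t == 0x17 else "%Y%m%d%H%M%SZ"
                times.append(datetime.strptime(der[s:e].decode(), fmt).replace(tzinfo=timezone.utc))
                start = e
            return tuple(times)
        pos = nxt
    raise ValueError("no Validity field in certificate")

def idp_signing_certs(metadata_xml, now=None):
    """Each signing cert under IDPSSODescriptor: SHA-256 fingerprint, validity window, expired at now?"""
    now, certs = now or datetime.now(timezone.utc), []
    for kd in ET.fromstring(metadata_xml).iterfind(".//md:IDPSSODescriptor/md:KeyDescriptor", NS):
        if kd.get("use", "signing") == "encryption":  # a KeyDescriptor without 'use' serves both purposes
            continue
        der = base64.b64decode("".join(kd.findtext(".//ds:X509Certificate", namespaces=NS).split()))
        nb, na = cert_validity(der)
        certs.append({"sha256": hashlib.sha256(der).hexdigest(), "not_before": nb, "not_after": na,
                      "expired": na < now})
    return certs

# Constructed sample: minimal fake DER "certs" (serial, signature OID, Validity); not real X.509, not Azure data.
_tlv = lambda tag, body: bytes([tag, len(body)]) + body  # short-form length only (bodies < 128 bytes)
def _fake_cert(nb, na):
    return _tlv(0x30, _tlv(0x30, _tlv(0x02, b"\x01") + _tlv(0x30, _tlv(0x06, b"\x2a\x03"))
                                + _tlv(0x30, _tlv(0x17, nb) + _tlv(0x17, na))))
OLD, NEW = (base64.b64encode(_fake_cert(b, a)).decode() for b, a in  # OLD is the expired, un-deleted cert
            [(b"210901000000Z", b"240901000000Z"), (b"240801000000Z", b"270801000000Z")])
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
 xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.invalid/"><IDPSSODescriptor>
 <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>{OLD}</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>
 <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>{NEW}</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>
</IDPSSODescriptor></EntityDescriptor>"""
```

Run `idp_signing_certs(open("Azure_Metadata.xml").read())` on the real export: more than one signing entry, or any entry flagged expired, means the old certificate is still published and step 1 has not taken effect.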

