The X.509 certificates have a defined lifetime. e.g. in Google Workspace, it has a validity of 5 years. You should rotate a certificate if it's about to expire or if it becomes compromised. If a certificate expires before you rotate it, your users won't be able to use SSO to sign in to any SAML applications that use that certificate until you replace it with a new certificate.
To rotate the certificate, please open the SAML app in your SSO, navigate to the certicate page & recreate it. Once you get the new certificate please upload it to the Zluri platform.
Save the connection, and you can continue to use the SAML connection as configured.