Recommendation to do certificate renewal especially during rollover period

Quick Questions: 1. Is it possible to provide multiple certificates in saml request a. This will help enable 2 certificates during the rollover period. b. Does all identity provider support these or there is any configuration regarding these? 2. Currently, I am storing metadata and certificate file separately as some IDP client just provided new cert for renewal, not the whole metadata file again a. Can I update new provided cert in metadata file? 3. Can you point some recommended code for storing metadata file & cert file in database? we have web farms and managing certs on all servers is challenge a. That way I help me upload metadata & cert file from UI b. This will help manage cert renewal easily Essentially, I want a suggestion for managing the renewal of saml cert effectively and also what is ComponentPro support for. Please respond ASAP.

Yes you can provide multiple certs in one request. But you would need to convert your cert to base64 and save it as an attribute in the SAML request or response.