I still have a minor issue. I was going through the SAML SSO section of Renewing the SSL certificates and found that I don’t have an /etc/univention/ssl/ucs-sso.[mydomain] directory. Apache is failing to start on the backup DC because it can’t find cert.pem in that directory.
Did I miss a step somewhere?