Hi all
We solved the issue… the problem was that, due to the fact, that we had to replace our Core-Certificates (Erneuern der TLS/SSL-Zertifikate). through that, our ucs-sso certificate got replaced too. This new Certificate was not matching the Cert on MS side.
So, because we installed the Office365 Connector later, than our UCS Master, the certificate of the sso had a longer/other expiry date.
This new created Certificate did not match to MS
PLEASE descripte this fact in your documentation , that you have to replace the SSO Certificate on Microsoft-Side, if you change the IDP Certificate.
Now, everything works again till 2022 (when the certificate really expires 
)
Question: Is there any documentation or scripting, which does the Replacement for the IDP Certificat to Microsofts Azure AD, like a saml update (like saml_setup.bat) script on UCS?
Many thanks