I have done the part below, but I still get a notification on login: An error occurred while connecting to the server, please try again later.
Also, the root certificate on the list in the web browser, in the root certificates section, is the old one, not the new one.
On every SAML Identity provider (UCS Master and all UCS Backups), execute the following:
eval "$(ucr shell domainname)"
install -o root -g samlcgi -m 0644 /etc/univention/ssl/"ucs-sso.${domainname}"/cert.pem /etc/simplesamlphp/"ucs-sso.${domainname}-idp-certificate.crt"
install -o root -g samlcgi -m 0640 /etc/univention/ssl/"ucs-sso.${domainname}"/private.key /etc/simplesamlphp/"ucs-sso.${domainname}-idp-certificate.key"
service univention-saml restart
Each UCS system in the domain, including the primary DC, has to re-install the new certificate to make the UMC Single Sign-On work:
eval "$(ucr shell ucs/server/sso/fqdn)"
rm -f /usr/share/univention-management-console/saml/idp/*.xml
ucr set umc/saml/idp-server="https://${ucs_server_sso_fqdn}/simplesamlphp/saml2/idp/metadata.php" || echo 'Failed!'
service univention-management-console-web-server restart
univention-run-join-scripts --force --run-scripts 92univention-management-console-web-server.inst
Every service provider connected to UCS must be updated with the new certificate. See the respective documentation for each service provider.
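
A way to confirm that the steps quoted above took effect, as an added example that is not part of the original post or of UCS: it compares the base64 body of the deployed IdP certificate with the `<ds:X509Certificate>` values in the metadata files UMC holds. It assumes the `*.xml` files in the `saml/idp` directory are that metadata; the function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Usage: sh check-idp-cert.sh CERT_PEM METADATA_DIR   (script name is hypothetical)

# Print the base64 body of the first certificate in a PEM file, no whitespace.
pem_body() {
    [ -r "$1" ] || return 2
    sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' "$1" |
        sed '/-----END CERTIFICATE-----/q' | grep -v -e '-----' | tr -d ' \t\r\n'
}

# Print every X509Certificate value in a SAML metadata file, one per line.
metadata_certs() {
    tr -d ' \t\r\n' < "$1" | sed 's/<[^<>]*X509Certificate>/\
/g' | grep -E '^[A-Za-z0-9+/=]+$'
}

# 0: metadata advertises the certificate; 1: it does not; 2: unreadable input.
idp_cert_in_metadata() {
    want=$(pem_body "$1") || return 2
    [ -n "$want" ] && [ -r "$2" ] || return 2
    metadata_certs "$2" | grep -Fxq -e "$want"
}

# Check each *.xml in a directory; non-zero if any file lacks the certificate.
check_all() {
    rc=0
    for f in "$2"/*.xml; do
        if idp_cert_in_metadata "$1" "$f"; then echo "OK        $f"
        else echo "MISMATCH  $f"; rc=1; fi
    done
    return "$rc"
}

# Constructed sample data (placeholder base64, not real certificates).
make_samples() {
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'TkVXQ0VSVE5FV0NFUlQ=' \
        '-----END CERTIFICATE-----' > "$1/new.pem"
    printf '%s\n' '<md:KeyDescriptor use="signing"><ds:X509Certificate>' \
        'TkVXQ0VSVE5F' 'V0NFUlQ=' '</ds:X509Certificate></md:KeyDescriptor>' > "$1/fresh.xml"
    printf '%s\n' '<ds:X509Certificate>T0xEQ0VSVE9MRENFUlQ=</ds:X509Certificate>' > "$1/stale.xml"
}

if [ "$#" -eq 2 ]; then check_all "$1" "$2"; fi
```

On a UCS system the two arguments would be `/etc/simplesamlphp/ucs-sso.${domainname}-idp-certificate.crt` and `/usr/share/univention-management-console/saml/idp`; a MISMATCH line means that host still holds metadata carrying a different certificate.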