Create a new certificate with the desired date.

Save the new certificate.

Download the new certificate in the correct format.

Upload the new certificate to the application.

Make the new certificate active in the Microsoft Entra admin center.

Sign in to the Microsoft Entra admin center as at least a Cloud Application Administrator.

Browse to Identity > Applications > Enterprise applications > All applications.

Enter the name of the existing application in the search box ( Example: Druva ), and then select the application from the search results.

Under the Manage section, select Single sign-on.

If the Select a single sign-on method page appears, select SAML.

In the Set up Single Sign-On with SAML page, find the SAML Signing Certificate heading and select the Edit icon (a pencil). The SAML Signing Certificate page appears, which displays the status (Active or Inactive), expiration date, and thumbprint (a hash string) of each certificate.

Select New Certificate. A new row appears below the certificate list, where the expiration date defaults to exactly three years after the current date. (Your changes aren't saved yet, so you can still modify the expiration date.)

In the new certificate row, hover over the expiration date column and select the Select Date icon (a calendar). A calendar control appears, displaying the days of a month of the new row's current expiration date.

Use the calendar control to set a new date. You can set any date between the current date and three years after the current date.

Select Save. The new certificate now appears with a status of Inactive, the expiration date that you chose, and a thumbprint.

Now Activate the new certificate.

Make sure to update this new certificate in the Druva SSO configuration setting within the Druva admin console. Refer to : Set Up Single Sign-On (SSO) | Druva | Documentation