Clarification on Single Sign-On Implementation and Certificate Management

Requirement:

• Implement Single Sign-On (SSO) for your application.
• Updated the Service Provider Signing Certificate in Appian.
• Generated a metadata file and sent it to clients.
• Configured the file and received an "Identity Provider Metadata" file, which was then configured in Appian under "Identity Provider Information".

Questions:

1. If I change the certificate that is already configured on the Appian side, will SSO authentication fail due to a metadata mismatch?

2. If it should fail due to a certificate change, why is it that in my case, when I change the certificates on the Appian side, the SSO works fine, and I am able to sign in to the website? The certificates are generated by the IIS manager on my system.