Upon receiving an alert email notifying you that the existing certificate is nearing expiration, you may proceed to generate a new certificate following steps below:

1. To view all available certificates, navigate to Setup > Security > Certificate and Key Management.
    
2. Click to create a new self-signed certificate, use the <Create Self-Signed Certificate> option.

3. Define any meaningful Label and Unique Name to Save the record.

4. Next, go to Setup > Identity > Single Sign-On Settings > SAML Single Sign-On Settings, and replace/assign the newly created certificate to the <Request Signing Certificate> field.

5. If you have an existing certificate and are unsure of its usage, hover your mouse pointer over the <Delete> button. A tooltip will appear, providing the details on where the certificate is being used.

6. Additionally, expired certificates can be deleted after you have applied the new certificate to the SAML Single Sign-on Settings.