...
The new private key, long lived certificate, and keystore files will be generated with the file name suffix '.new'. Once you're ready to use them , just - after you have updated the IdP's metadata to include the new certificate and published the result - copy them over the existing files that don't have the '.new' suffix.
...