fix: do not gc sso saml SP singing keys

apps/emqx/src/emqx_tls_certfile_gc.erl

@@ -271,9 +271,12 @@ find_config_references(Root) ->
 is_file_reference(Stack) ->
     lists:any(
         fun(KP) -> lists:prefix(lists:reverse(KP), Stack) end,
-        emqx_tls_lib:ssl_file_conf_keypaths()
+        conf_keypaths()
     ).
 
+conf_keypaths() ->
+    emqx_tls_lib:ssl_file_conf_keypaths().
+
 mk_fileref(AbsPath) ->
     case emqx_utils_fs:read_info(AbsPath) of
         {ok, Info} ->

apps/emqx/src/emqx_tls_lib.erl

@@ -50,11 +50,17 @@
 -define(IS_FALSE(Val), ((Val =:= false) orelse (Val =:= <<"false">>))).
 
 -define(SSL_FILE_OPT_PATHS, [
+    %% common ssl options
     [<<"keyfile">>],
     [<<"certfile">>],
     [<<"cacertfile">>],
-    [<<"ocsp">>, <<"issuer_pem">>]
+    %% OCSP
+    [<<"ocsp">>, <<"issuer_pem">>],
+    %% SSO
+    [<<"sp_public_key">>],
+    [<<"sp_private_key">>]
 ]).
+
 -define(SSL_FILE_OPT_PATHS_A, [
     [keyfile],
     [certfile],