Hi,
By default Azure AD will send an email notification 60, 30, and 7 days before the SAML certificate expires. Also you can review the list of Certificates and Secrets details with the mentioned scripts in this article as it is very useful to have a track of all the certs and secrets app-management-powershell-samples
Please check this link as it provides detailed steps for auto renewal of Certificates - tutorial-rotate-certificates
Hope this helps.