How to renew SFDC Expiring Certificate?

  • I got a notification,the notification is

    You have one or more certificates in your Salesforce org [NAME + Orgid] that will expire soon. Please review the list below and visit Certificate and Key Management from Setup to make an update.

    • SelfSignedCert_20Jan2014_160057, Self-Signed, expires on 1/20/2016. Warning: This certificate will expire in 30 day(s) which activity we need to perform for the certificate renew?
  • Rename current certificate, then create a new self-signed certificate with a previous name. This way you won't need to update your code references, but might still need to update configuration (single sign on and/or API client certificate).

    You can find these under Security Controls > Certificate and Key Management.

    What do you mean by update configuration (single sign on and/or API client certificate) , how can i do that ? is there any concret tutorial ? Thanks

    @Mus if you are using cert with SSON, you should check whether reference is still there after you replace the cert.

    @dzh - why worry about keeping the cert name the exact same?

  • The steps above seem to be incomplete: I tried to delete the old certificate and it said it was still being used. Here is my take:

    Email Warning: Sandbox: SFDC Expiring Certificate Notification If you get an email with the following Subject Line, follow the instructions below: Note: The instructions in this link seem to be incomplete. How to renew SFDC Expiring Certificate?

    1. Open sandbox. Go to Setup → Certificate and Key Management

    2. Rename the expiring certificate with the suffix “-old”

    3. Create a new certificate with the name of the expired certificate. Keeping the name intact somehow helps reduce maintenance if you have references to this certificate in code.

    4. Go to Single Sign-On Settings.

    5. Check each record listed. Note: Click on the “Identity Connect” link (not Edit) and view what certificate it has assigned to it. (if you click Edit you cannot see the assignment easily).

    6. If the record lists the old certificate press Edit. Assign the Request Signing Certificate Field to the New Certificate (with the previous name). 7 Go back to the Certificate and Key Management and delete the expiring certificate

    I could not find the "Identity Connect" link(Step 5). Not sure if it was removed by SF. Thanks.

  • Here is how to update the certificate in Single Sign-On Settings. The new certificate will not be used until you do this.

    1. Navigate to Setup>Single Sign-On Settings
    2. Edit the Sign-On Setting that uses the expiring certificate
    3. Select the newly-created certificate from the Request Signing Certificate drop down
    4. Go back to Setup>Certificate and Key Management
    5. Delete the Old Certificate

License under CC-BY-SA with attribution

Content dated before 7/24/2021 11:53 AM

Tags used