Rollover signing certificates in one IdP metadata
Summary:
As per the document "Federation SSO/Login Frequently Asked Questions" (FAQ1482, formerly known as Doc ID 1999676.1), Fusion application does not support multiple signing certificates in one IdP metadata; it will only pick up the first one. This doc was last updated on 26-Oct-2024. Is this still accurate?
Content:
We have one IdP metadata file with two signing certificates. The older one is valid today but expires on 17-Apr-2026. The newer one is valid today and expires on 08-Apr-2029. We uploaded this metadata file and the UI displays expiration date 17-Apr-2026. Will SSO still work after 17-Apr-2026? Will it roll over smoothly to the newer certificate? The post of Jul'25 seems to suggest that it does, while the post of Dec'24 states that it does not. I'm not sure now and I am seeking some clarification.