SP certificate expiration
Mark K. Miller
max at psu.edu
Wed Apr 27 10:59:54 EDT 2016
As I 'understand' it, there's no restriction that requires you to use a
SalesForce self-signed cert. I believe you can just create your own
self-signed cert and upload the cert/key pair to use in your config. For
more details, I'd start here:
https://help.salesforce.com/HTViewHelpDoc?id=security_keys_about.htm&language=en_US
Hope that helps,
Max
On Tue, 26 Apr 2016, Andrew Morgan wrote:
> I'm testing SAML integration between Salesforce and our IDP v3.2.
> Salesforce's metadata contains a CA-signed certificate that expires in 2017.
> It sounds like I can generate a self-signed certificate in Salesforce and
> configure Salesforce to sign SAML requests with it. However, the self-signed
> certificates in Salesforce are only valid for 1 year.
>
> Some Googling around indicates that the IDP doesn't care if the certificate
> expires. Can anyone confirm that?
>
> Can I enable assertion encryption using this self-signed certificate that
> will expire in 1 year?
>
> What have other people done for Salesforce?
>
> Thanks,
> Andy
More information about the users
mailing list