Azure SAML Signing Certificate Update

Follow

New post

Jack McLean

• August 30, 2021 15:02

Hi,

Any guidance on how to update an expiring SAML signing certificate?  SSO works fine but we got a notice that it will expire in October.  

0

• 

  France

  • August 30, 2021 18:23

  Hi Jack, 

  Welcome to the Box Community!

  There are new settings available in the Box Admin console which allows Primary Admins to manage their Box Enterprise's SSO connection's signing certificates without assistance from Box Support.
  
  The SSO certificate settings in the Box Admin Console allows Box Primary Admin to manage up to two signing certificates for your Box Enterprise's SSO connection. Please take a look at this article for further instructions: https://support.box.com/hc/en-us/articles/360055356533-Using-Self-Service-SSO-Certificate-Management
  
  Thanks for your participation in the forum and let us know how how else we can help!

  Best,

  0

  Comment actions Permalink
• 

  Jack McLean

  • August 30, 2021 18:33

  Thank you!  Just to confirm, I could add a second certificate without disrupting SSO for our users and this second cert would cover us if the original expires?  I want to make sure I do this right as it could impact over 150 user's access.

  0

  Comment actions Permalink
• 

  France

  • September 01, 2021 18:20
  • Edited

  Hi Jack, 

  That is correct, and exactly the reason why we support up to 2 certificates.

  In order to seamlessly support the transition from a soon-to-expire certificate to a new certificate, admins can add up two 2 certificate to their Box SSO connection. If the original certificate fails for whatever reason (e.g. expired cert) the SSO connection will automatically fall back to the secondary certificate. 

  Best,

  0

  Comment actions Permalink

Please sign in to leave a comment.