Remedyfroce ADFS SSO Email from Salesforce about the Default Certificate expiring

Version 1
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    BMC Helix Remedyforce Service Desk



    QUESTION:

    ADFS SSO issues related to the e-mail from Salesforce with subject "ACTION REQUIRED: Retirement of Default Certificate affects SAML Single Sign On into Salesforce".


    ANSWER:

    1) Create a Self-Signed Certificate in Salesforce(if it is already created then you can use it).

    2) Go to Single Sign On Settings and Update the SAML config to select the new self-managed certificate. This is to be done in Request Signing Certificate Column, click on Edit and choose the Self Signed Certificate from the drop down menu.
    - In the Request Signing Certificate field, choose the name of the certificate that you want to use for signing SAML assertions. Ensure that you do not continue to use the Default Certificate option, which is the proxy.salesforce.com certificate.

    3) Upload the new certificate into your IdP.
    - Download the Self-Signed Certificate from Salesforce(Go to Certificate and Key Management>Open the Certificate and click on Download Certificate)
    - Now go to ADFS and replace the proxy.salesforce.com Certificate with the new Self-Signed Certificate which you have Downloaded from Salesforce.


    Article Number:

    000140207


    Article Type:

    FAQ/Procedural



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles