Support Centre

  1. Support Centre
  2. Administration & Setup
  3. Advanced Configuration

SSO Certificate Update

Julie Mazouin
Modified on: Tue, 4 Mar, 2025 at 5:20 PM

In this article, you will learn :

  • What is a SSO certificate update,
  • Who can do a certificate update,
  • How to initiate the SSO Certificate Update for the Sherpany application,
  • What else is to be considered,
  • What are the actual steps to update the SSO certificate.

What is a SSO certificate update?

A certificate update involves replacing the current digital certificate used for Single Sign-On (SSO) authentication with a new one. This ensures secure and uninterrupted access for users. The frequency of this update depends on the customer's policy, requiring it either annually or every few years.

Who can do this? Can I do a certificate update myself?

No, this process requires involvement from Sherpany, as Sherpany needs to update the certificate within the SSO configuration. 

How do I initiate the SSO certificate update for the Sherpany application?

Please reach out to Sherpany support at [email protected].

You’ll need to provide us with the following information:

  • Your preferred date and time for the change and
  • The App Federation Metadata URL (or if not available the complete XML configuration including the new certificate).

We will then prepare the certificate update accordingly.

What else do I need to consider?

Besides initiating the update with our support team, please consider the following tasks: 

  • Inform users about potential downtime

    While performing the certificate update, there may be a short downtime during which users will not be able to access Sherpany via SSO. We suggest informing the users about the potential downtime. To minimize disruptions, consider scheduling the update outside of office hours. However, the Sherpany mobile app is still available offline and users with password & 2FA set up can still use this method of authentication. 

  • Organise a test user

    Ensure a test user is available during the update to verify the new configuration. This test user should be a Sherpany user with the respective email domain and have their credentials for the company login ready. 

What are the actual steps to update an SSO certificate?

  1. Enable new certificate in IdP (customer): ensure the new certificate is enabled on your side.
  2. Update configuration (Sherpany): update the XML configuration with the new certificate.
  3. Testing SSO (customer): the test user verifies SSO functionality by accessing the designated SSO URL after the update. Ideally, the test user will enter this URL with a private browser window.

Note  

The update will be performed directly on the production environment (PROD) without a test phase.


Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.

Related Articles