function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Jose Boveda 6Jose Boveda 6 

Does an expired Self-signed certificate break SSO functionality?

I'm wondering what functionality is impacted by an expired self-signed certificate in Salesforce. We have SSO enabled for the organization, and the authentication is handled via SAML metadata. Should this certificate expire, would I still be able to log into my ORG via SSO?
NagendraNagendra (Salesforce Developers) 
Hi Jose,

There are few places where a sefl-signed certificate could be used.

1. Identify Provider - If you are using SFDC as IDP for Single Sign On. You can find it under Setup >> Administer >> Security Controls >> Identity Provider.

2. Single Sign-On Settings - If you are using SFDC as Consumer for Single Sign On. You can find it under Setup >> Administer >> Security Controls >> Single Sign-On Settings.

If your certificate is used in one of the above places, it is quite intuitive to edit this screen and replace the certificate.

Hope this helps.

Thanks,
Nagendra