Loading
Salesforce now sends email only from verified domains. Read More
Agentforce Contact Center
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Manage Contact Center Certificates

            You are here:

            1. Salesforce Help
            2. Docs
            3. Agentforce Contact Center

            Manage Contact Center Certificates

            Salesforce uses certificates to help ensure the security of your Service Cloud Voice contact center. If your certificate is about to expire, we let you know by email so you can replace it with a new certificate. Service Cloud Voice supports certificates with up to 4,096-bit keys.

            Required Editions

            This article applies to:

            • Service Cloud Voice with Amazon Connect
            • Service Cloud Voice with Partner Telephony from Amazon Connect
            View supported editions.
            User Permissions Needed
            To create, edit, and manage certificates Customize Application

            To see how to manage contact center certificates for Service Cloud Voice, watch the video.

            When you create a Voice contact center with Amazon Connect, Salesforce creates a connected app that integrates Amazon Connect with Salesforce. Through SAML 2.0, the connected app and Salesforce (the identity provider) use a certificate to authenticate users. When you’re notified that a certificate is expiring soon, check whether it’s for your contact center. If it is, provide a replacement certificate.

            Important
            Important
            • The update process includes a brief period when single sign-on (SSO) is unavailable, so complete the update during a low-traffic time.
            • While using an expired certificate with your contact center doesn’t break anything, it’s not a good security practice. Updating the certificate takes just a few minutes.
            1. Check whether the expiring certificate is used by your Voice contact center.
              1. From Setup, in the Quick Find box, enter Connected Apps, then select Manage Connected Apps.
              2. Click the app named (Your contact center name) Connected App.
              3. In the section named SAML Service Provider Settings, click the certificate listed in the Idp Certificate field to open the certificate settings.
              4. Check the certificate’s expiration date. If it expires soon, it’s time to replace it.
            2. Create a replacement certificate.
              1. From Setup, in the Quick Find box, enter Certificate, then select Certificate and Key Management.
              2. To create a certificate, click Create Self-Signed Certificate. For help, see Generate a Self-Signed Certificate.
            3. Replace the certificate used by your identity provider.
              1. From Setup, in the Quick Find box, enter Identity, then select Identity Provider.
              2. Click Edit.
              3. In the dropdown, select the certificate that you just created and save your changes.
              4. On the Identity Provider page, click Download Metadata to download the metadata XML file.
            4. Replace the certificate used by your contact center’s connected app.
              1. From Setup, in the Quick Find box, enter Connected Apps, then select Manage Connected Apps.
              2. Click Edit next to the app named (Your contact center name) Connected App.
              3. In the Idp Certificate field, select the certificate that you just created and save your changes.
            5. Update the certificate metadata in your AWS settings.
              1. Log in to the AWS Management Console.
              2. Click IAM, then select Identity providers.
              3. From the list of identity providers, select SalesforceServiceVoiceIdp.
              4. Click Replace Metadata and upload the XML file that you downloaded previously.
            6. Verify that your contact center is using the new certificate.
              1. In Salesforce Setup, in the Quick Find box, enter Contact Centers, and select Amazon Contact Centers.
              2. Click Telephony Provider Settings.
              3. If your Amazon Connect Dashboard opens, you’re all set. If you see an error, something’s not right. Try walking through the steps again or contact Salesforce Customer Support for help.

            If you have multiple Voice contact centers with telephony provided by Amazon Connect, complete these steps for each contact center.

             
            Loading
            Salesforce Help | Article