Loading

Marketing Cloud Single Sign-On Certificate Update

게시 일자: Jan 31, 2025
상세 설명

This article covers details about the Salesforce Marketing Cloud Single Sign-On (SSO) certificate update process. All Marketing Cloud administrators have received communication for updating their Single Sign-On certificate if their Marketing Cloud Cloud account is still using an expired Single Sign-On (SSO) certificate.

Failure to take immediate action before Febuary 5th, 2025 will result in breaking your Marketing Cloud account, preventing your users from being able to log in to their account using SSO.

솔루션

What is happening?
As of 2025, the only type of certificate that Marketing Cloud Engagement SSO supports is a Self-Signed Certificate.   If you cannot upload a Self-Signed certificate, you will want to either: 

What do you need to do?

  1. Modify your IdP policies to allow for Self-Signed Certificates to be utilized.
  2. Disabled signature validation on AuthNRequests / SLO and/or Encryption of assertions



How can you update your certificate?
Administrators need to follow the steps below to update their SSO certificate. Log in as Marketing Cloud administrator to the top level Marketing Cloud account (not at the child BU level) and follow the steps below:

  1. Under Setup, in Security Settings, select Single Sign-On Settings and opt in to acquire the latest 2025 certificate that is valid until February 5th 2025. Click Save explicitly.
  2. Download the SP Metadata and copy the certificate.
  3. Update the Identity Provider (IdP) with the new certificate.

Where can you get additional information?
More information regarding the procedure to update the SSO certificate is available in the Update Your Marketing Cloud SSO Certificate document.
 

Knowledge 기사 번호

000392391

 
로드 중
Salesforce Help | Article