Loading

Salesforce Marketing Cloud Certificate Renewal Process Change

Publiceringsdatum: Jul 2, 2025
Beskrivning
Salesforce is making a change to the SSL certificate renewal process when customers bring their own certificates (customer-supplied certificates) to secure their custom domains used on the Marketing Cloud.

What is changing?
Salesforce will no longer use a Salesforce-supplied certificate as a safety net to renew a customer-supplied certificate that is about to expire. Customers are always considered responsible for renewing customer-supplied certificates annually. Failure to renew certificates before they expire will result in your end customers no longer being able to properly access content in the marketing messages they receive.

When will this change be made?
We plan to implement this change beginning in early December 2022.

Why is Salesforce making this change?
When customers choose to use Salesforce-supplied certificates, they sign special contract terms providing indemnity and allowing Salesforce to procure and install SSL certificates on the their behalf. They do not sign these contract terms when they choose to use their own customer-supplied certificates. Using Salesforce-supplied certificates as a fallback option, even as a stop-gap measure, when customer-supplied certificates expire can be considered a violation of their own security policy.
Lösning

What do you need to do?

  1. Customers must take responsibility to renew their own (customer-supplied) certificates in a timely manner. After this change is implemented, Salesforce will provide two advance certificate expiration notifications, one at 90 days and another at 45 days prior to certificate expiration, which should provide sufficient time to renew the expiring SSL certificate(s). Notifications will be sent in-app as well as by email.
  2. In-app notifications will be sent to all Marketing Cloud Admins, so make sure that the Security Admin who manages your account SSL Certificates has an Admin role.
  3. For email notifications, share an alias email for the Security Admin(s). The alias will provide redundancy and resilience against role changes. Email either your account representative or sreekanth.menon@salesforce.com.



What if you have questions?
Refer to the Marketing Cloud SSL Certificates Overview knowledge article for more information. If you still have questions about the Salesforce change for SSL Certificate renewals after reviewing the article, open a support case via the Help & Training Portal.
 

Knowledge-artikelnummer

000393680

 
Laddar
Salesforce Help | Article