Renewing an Expiring SSO Certificate
Your Entra ID SAML signing certificate has an expiration date. When it expires, SSO login to Cloud2 Spotter will stop working. To prevent this, you need to create a new certificate and activate it before the old one expires.
Start the renewal process at least 2 weeks before the certificate expiration date.
Create a new certificate in Entra ID
Find and open your Cloud2 Spotter SSO application in the Azure Portal.
Generate a new SAML signing certificate and check that its status is Inactive.
Note: Do not activate the new certificate yet. It must remain inactive until the Spotter team has confirmed that everything is ready.
Deliver information to Spotter team
Send a certificate renewal request via email to spotter@cloud2.fi or from Spotter > Support with the following information:
App Federation Metadata Url
The expiration date of your current (old) SAML signing certificate
Confirmation that you have created a new certificate (still inactive)
Activating the new certificate
Once the Spotter team confirms that we are ready for the switchover, agree on the date and approximate time of day when you will activate the new certificate.
At the agreed time, deactivate the old certificate and activate the new one in Entra ID.
The Spotter team updates the App Federation Metadata Url.
There might be a short downtime for SSO login during the switchover, so it is recommended to schedule it for a low-usage time of day, e.g. after 3pm.
Verify SSO login
After activating the new certificate (and waiting out any downtime), test the SSO login. If there are any issues, contact the Spotter team immediately.
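To keep track of the expiration date and the 2-week lead time described above, the following Python script (an added example, not Cloud2 or Microsoft code) reads the signing certificate expiry from a saved copy of the XML served at your App Federation Metadata Url and reports whether renewal is due. The function names and the sample metadata are constructed for illustration; the sample certificate is a DER skeleton, not a real certificate.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

MD, DS = "{urn:oasis:names:tc:SAML:2.0:metadata}", "{http://www.w3.org/2000/09/xmldsig#}"

def tlv(buf, pos):
    """Return (tag, content_start, content_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def not_after(der):
    """Read notAfter from a DER X.509 certificate using only the standard library."""
    _, pos, _ = tlv(der, 0)                 # step into Certificate
    _, pos, _ = tlv(der, pos)               # step into tbsCertificate
    tag, _, end = tlv(der, pos)
    pos = end if tag == 0xA0 else pos       # skip the optional [0] version field
    for _skipped in ("serialNumber", "signature", "issuer"):
        _, _, pos = tlv(der, pos)
    _, pos, _ = tlv(der, pos)               # step into validity
    _, _, pos = tlv(der, pos)               # skip notBefore
    tag, start, end = tlv(der, pos)         # notAfter: UTCTime (0x17) or GeneralizedTime
    fmt = "%y%m%d%H%M%SZ" if tag == 0x17 else "%Y%m%d%H%M%SZ"
    return datetime.strptime(der[start:end].decode(), fmt).replace(tzinfo=timezone.utc)

def signing_cert_expiries(metadata_xml):
    """notAfter of each signing certificate in metadata saved from your own tenant's URL."""
    descriptors = ET.fromstring(metadata_xml).iter(MD + "KeyDescriptor")
    return [not_after(base64.b64decode(cert.text)) for kd in descriptors
            if kd.get("use", "signing") == "signing" for cert in kd.iter(DS + "X509Certificate")]

def renewal_due(metadata_xml, now, lead=timedelta(days=14)):
    """True if any advertised signing certificate expires within the lead time."""
    return any(expiry - now <= lead for expiry in signing_cert_expiries(metadata_xml))

def sample_metadata(not_after_utc):
    """Constructed sample: metadata wrapping a DER skeleton with no real key or signature."""
    el = lambda tag, body: bytes([tag, len(body)]) + body
    validity = el(0x30, el(0x17, b"240101000000Z") + el(0x17, not_after_utc))
    tbs = el(0xA0, el(0x02, b"\x02")) + el(0x02, b"\x01") + el(0x30, b"") * 2 + validity
    b64 = base64.b64encode(el(0x30, el(0x30, tbs))).decode()
    return (f'<EntityDescriptor xmlns="{MD[1:-1]}"><IDPSSODescriptor><KeyDescriptor use="signing">'
            f'<KeyInfo xmlns="{DS[1:-1]}"><X509Data><X509Certificate>{b64}</X509Certificate>'
            "</X509Data></KeyInfo></KeyDescriptor></IDPSSODescriptor></EntityDescriptor>")

if __name__ == "__main__":  # fixed "now" keeps the demo output repeatable
    print(renewal_due(sample_metadata(b"250610000000Z"), datetime(2025, 6, 1, tzinfo=timezone.utc)))
```

Run it against metadata downloaded from your own tenant; for XML from an untrusted source, parse with a hardened parser such as defusedxml instead of ElementTree.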