Single Sign On SSO / ADFS / Certificate needed renewed.

dunlopr · ‎06-19-2013

We have an ADFS server providing SAML2 for SSO. It has been working for "almost" 1 year.

This morning both our PROD and TEST instances would not permit logon using SSO and logged the following:
"Signature did not validate against the credential's key".

It was noticed that the existing certificate was valid for 1 year and there were 14 days to go before expiry.

Renewing the certificate resolved the issue.

Although the original certificate had not yet expired it looks like SN was refusing it.

I hope this helps others, comments appreciated.

Mark Laucus · ‎09-13-2013

We just had the same issue where the certificate expired before the actual date. We are looking into writing a web service call to get the certificate from ADFS automatically to reduce the chance the issue happening again.

Swapna Abburi · ‎02-06-2014

HI,

We are planning to implement SSO using ADFS and SAML. Would like to understand more about the configuration required at both ADFS and Servicenow end.

ruelong · ‎09-10-2018

Hi Dunlopr, we are receiving notification that the certificate we are using from ADFS is expiring. We are going to update (upload new certficate) to address the issue. What are we going to do with the existing (expiring) certificate? Just we have to left it there and ServiceNow automatically detect and use the new certificate? Is there a downtime for this?