Find your people. Pick a challenge. Ship something real. The CreatorCon Hackathon is coming to the Community Pavilion for one epic night. Every skill level, every role welcome. Join us on May 5th and learn more here.

SSL certificate changes and what you need to know

kim_purcell
Kilo Explorer
‎11-05-2015 11:41 AM

To continue to ensure the security and privacy for our customers, ServiceNow has recently upgraded our SSL/TLS encryption. The SSL certificate used by ServiceNow, https://*.service-now.com was upgraded to a SHA-2 certificate beginning in October 2015. If you're scratching your head trying to figure out what this all means and determining if your instance has been affected, here are a few commonly asked questions and answers to help you out.

SSL Certificate Q&A

What's changed?

  • ServiceNow has updated the SSL certificate that supports your instance in our data centers.
  • SSL certificate updates will be increasing in frequency to support higher levels of security for your instance.
  • ServiceNow SSL certificate changes will now be routine changes, with advance notification no longer being sent for SSL certificate updates. These routine changes may include:
    • replacing the certificate with a new expiration date
    • revoking outdated certificates
    • adding a feature such as an additional server name

Why this change?

ServiceNow previously provided an interim SHA-1 SSL certificate, which expires in December 2015. As a lead up to this change, the SSL certificate used by ServiceNow, https://*.service-now.com has been upgraded to a "SHA-2." This will be phased in across data centers.

How does it impact us?

This change affects your ability to connect to your instance only if you have hard-coded our SSL certificate into your infrastructure. Some cases where hard-coded SSL certificates are found include:

  • A proxy server is used to access your ServiceNow instance. The proxy may have the current SSL certificate hard-coded into the proxy software.
  • Inbound integrations that connect to your ServiceNow instance. For examples, see List of Available Integrations.

Customers who have integrations, caching or proxy servers that have hard-coded the current ServiceNow SSL certificate may need to do a manual update to trust the new SSL certificate.

What if a manual upgrade is needed?

If you have determined that your instance is impacted by the SSL certificate change and a manual update is required, use the current SSL certificate information located in product documentation. Please note that hard-coded certificates are not recommended since ServiceNow will no longer be providing notification for certificate updates.

For detailed information about the SSL Certificate, see:

SSL Certificate Information
Changes to SSL Certificates

0 Helpfuls
  • 6,432 Views
7 Comments
Popular Blog Posts