Disable ServiceNow Root of Trust

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • Run a scheduled job on your trusted instance to disable Root of Trust.

    Avant de commencer

    Role required: admin, security_admin, and sn_kmf.cryptographic_manager

    Code Signing must be enabled on your protected and trusted instances. You can verify by checking that the com.snc.kmf.signature.validation.flag system property is set to true.

    This procedure is part of a series of procedures to change to a customer Root of Trust (ROT) on your instances. For an overview of this process, see Change your Root of Trust configuration.

    Procédure

    1. Log into your trusted instance.
    2. Navigate to All > System Definition > Scheduled Jobs.
    3. Open the Disable ServiceNow Root of Trust scheduled job.
    4. Select the Export signed job to production.
    5. Navigate to All > System Update Sets > Local Update Sets.
    6. Find and open the Disable ServiceNow Root of Trust update set.
    7. Select Export XML to export your update set as an XML file.
    8. Log in to your protected instance.
    9. Navigate to All > System Update Sets > Retrieved Update Sets.
    10. At the bottom of the list, select Import Update Set from XML.
    11. In the Import XML form, select Choose File and select the XML file you downloaded in the previous steps.
    12. Select Upload.
    13. Navigate to All > System Update Sets > Retrieved Update Sets, and open the Disable ServiceNow Root of Trust update set.
    14. Select Preview Update Set.
    15. After the preview is completed, select Commit Update Set.
    16. Navigate to All > System Definition > Scheduled Jobs.
    17. Open the scheduled job imported in the update set.
    18. Select the Execute Now button to run the job.

    Résultats

    Executing the scheduled job sets the ROT property to true. Your instance is configured to use the customer root of trust.