What action needs to be taken for a Vault SSL Certificate update?
Here is a summary of the actions that must be taken when a Vault SSL Certificate is updated by Veeva:
- Vault end users should not have to do anything on their end.
- If you have integrations with Vault that rely on SSL Certificates, please download the new SSL Certificate on the date specified in the related Online Help Documentation.
- The SSL Certificate must be updated on or after the date listed in the notification email that is sent to customers. Customers should download the new SSL certificate on that date and have their Identity Provider (IdP) update the SSL certificate on their end.
- It is recommended that if an IdP only supports one SSL certificate, that they do not update the SSL certificate until the date listed in the notification email that they receive.
- If the IdP supports multiple SSL certificates, then they may add the new SSL certificate as a backup (which will take effect sometime before the date listed in the notification email). They should also keep the SHA256 certificate as the currently active one, and can replace the SHA1 certificate, as the SHA256 certificate is the newer of these two.
- Customers should work with their local IT Department and their IdP to ensure that the SSL Certificate is updated properly.
NOTE: This primarily applies to users that use an SSO-based login security policy and specific integrations (e.g. TIBCO and Informatica). If a customer vault uses the Basic login security policy, then that vault will not be affected by this change.
- Vault Single Sign-On Documentation: SSL Certificate
- Vault Single Sign-On Documentation: Register Vault as a Service Provider (SP) in Your IdP
Send us your feedback: We are always looking for feedback to help improve our Knowledge Base! Please let us know if this article is helpful or provide feedback on how we can improve your experience by clicking here.