IDP Certificate and Key Pairs
An IDP certificate and private key pair are required to connect applications with JumpCloud. The pair is used during SAML handshakes to authenticate users during an SSO login.
After you activate an application, we automatically generate a public certificate and private key pair for you. You can use this pair or upload your own from the Application Details panel. Learn how to generate an IDP certificate and private key pair.
Managing IDP Certificates and Private Keys
You can upload, download, and regenerate application IDP certificates from the Application Details panel. Additionally, you can view the status for both certificate and public key on the Application Details panel, including the certificate’s expiration date. Certificate and key status is indicated as grey if there isn’t a certificate or key detected for the application. Status is indicated as green if a certificate and key are detected.
As the IdP Certificate approaches its expiration date, admins are notified by email. These emails are sent 60 days, 30 days, 7 days, and 24 hours before expiration. Each email contains a link labeled Regenerate Certificate that can be used to renew the IdP Certificate.

To upload a new application certificate:
- Go to USER AUTHENTICATION > SSO.
- Select an application from the list.
- Click the small triangle on the right of the IDP Certificate status to launch the menu. Then select Upload new certificate.
- Browse to the certificate file. Then click Open.
Important: When you upload a new certificate, your private key is wiped. You need to upload a new private key after you upload a certificate.
To upload a new application private key:
- Go to USER AUTHENTICATION > SSO.
- Select an application from the list.
- Click the small triangle to the right of the Certificate status to launch the menu. Then select Upload IDP Private Key.
Important: When you upload a new private key, your IDP certificate is wiped. You need to upload a new IDP certificate after you upload a private key.
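Because each upload wipes the other half of the pair, it helps to confirm that a self-supplied certificate and private key belong together, and how close the certificate is to expiry, before uploading either one. The script below is an added example, not JumpCloud tooling: it assumes PEM-encoded files and the openssl command-line tool, the function names are hypothetical, and the expiry windows mirror the notification schedule described above.

```shell
#!/bin/sh
# Added example (not JumpCloud tooling): pre-upload check for a self-supplied
# IdP certificate and private key. Assumes PEM files and the openssl CLI.
# Hypothetical usage: sh check_idp_pair.sh idp.crt idp.key

# Succeeds only if the certificate's public key equals the public key derived
# from the private key. Returns 2 if either file cannot be parsed.
pair_matches() {
  cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
  key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
  [ "$cert_pub" = "$key_pub" ]
}

# Prints the tightest window the certificate's expiry falls into:
# expired, 24h, 7d, 30d, 60d, or ok (more than 60 days left).
expiry_window() {
  openssl x509 -in "$1" -noout >/dev/null 2>&1 || return 2
  for w in "expired:0" "24h:86400" "7d:604800" "30d:2592000" "60d:5184000"; do
    # -checkend N exits non-zero when the certificate expires within N seconds.
    if ! openssl x509 -in "$1" -noout -checkend "${w#*:}" >/dev/null 2>&1; then
      echo "${w%%:*}"
      return 0
    fi
  done
  echo "ok"
}

# Run the checks only when a certificate path and a key path are supplied.
if [ "$#" -eq 2 ]; then
  if pair_matches "$1" "$2"; then
    echo "pair: certificate and private key match"
  else
    echo "pair: MISMATCH or unreadable file, do not upload"
  fi
  echo "expiry window: $(expiry_window "$1")"
fi
```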
To download an application certificate:
- Go to USER AUTHENTICATION > SSO.
- Select an application from the list.
- Click the small triangle to the right of the IDP Certificate status to launch the menu. Then select Download certificate.
The certificate is saved as an XML file.
To regenerate an application certificate:
Note: You can't regenerate a certificate until you activate an application connector.
- Go to USER AUTHENTICATION > SSO.
- Select an application from the list.
- Click the small triangle to the right of the Certificate status to launch the menu. Then select Regenerate certificate.
- Click continue.
- After you regenerate the certificate, the private key is also regenerated.
Tip: After the application is saved, you can download the certificate by clicking Download Certificate in the notification in the upper-right corner of the screen.