As a security measure, the SAML certificate that allows Trusona to authenticate you to your Salesforce expires annually from the time of certificate creation.

When the certificate expires, authentication with Trusona will no longer work which is why you will have to create a new certificate before expiration and send Trusona the .xml file associated with that newly created certificate.


How to check when your certificate expires?

Select Setup > Search for Certificate and Key Management > look at Expiration Date

How to Create a new Certificate?

 Select Create Self-Signed Certificate.

  1. Enter a descriptive label for the Salesforce certificate.
  2. Exportable Private Key: Uncheck the box
  3. Key Size: 4096 (This will extend the certificate expiration an additional year to 2 years)
  4. Select Save

Updating your Certificate

This should be done after hours and in coordination with Trusona. Updating the certificate will break current authentication until Trusona updates your new certificate on Trusona's end.

Select Setup > Search for Single Sign-On Settings > select Edit

Select the Request Signing Certificate drop-down > select your newly created certificate > select Save

Send Trusona new .xml file

  1. In Single Sign-on Setting > select Trusona
  2. Select Download Metadata
  3. Email Trusona at with the .xml file that was downloaded to complete the Trusona for Salesforce integration. Trusona will email you a confirmation once integrated.