As a security measure, the SAML certificate that allows Trusona to authenticate you to your Salesforce expires annually from the time of certificate creation.
When the certificate expires, authentication with Trusona will no longer work which is why you will have to create a new certificate before expiration and send Trusona the .xml file associated with that newly created certificate.
1. How to check when your certificate expires?
Select Setup > Search for Certificate and Key Management > look at Expiration Date
2. How to Create a new Certificate?
Select Create Self-Signed Certificate.
Enter a descriptive label for the Salesforce certificate.
Exportable Private Key: Uncheck the box
Key Size: 4096 (This will extend the certificate expiration an additional year to 2 years)
3. Updating your Certificate
Note: This should be done after hours and in coordination with Trusona. Updating the certificate will break current authentication until Trusona updates your new certificate on Trusona's end.
Select Setup > Search for Single Sign-On Settings > select Edit
Select the Request Signing Certificate drop-down > select your newly created certificate > select Save
4. Send Trusona new .xml file
In Single Sign-on Setting > select Trusona
Select Download Metadata
Email Trusona at firstname.lastname@example.org with the .xml file that was downloaded for integration on Trusona's end. Once integrated, Trusona for Salesforce will work as expected.