We've released an important security update affecting our SAML SSO customers:
We've updated the SAML signing cert we use from SHA1 to SHA256, a more secure certificate.
What this means
- All SAML SSO integrations set up from 19 July forward will automatically use the new certificate.
- For customers who have existing SAML SSO integrations, your existing cert will continue to work.
Is my knowledge base impacted?
If you are using SAML SSO for authentication to your knowledge base and you set up that configuration at any point prior to today (19 July 2022), you need to upgrade.
If your SAML SSO integration is using the older certificate, you'll see a yellow warning message encouraging you to upgrade at the top of Settings > SSO:
Sample warning message in Settings > SSO indicating you need to update to the new certificateHow do I upgrade?
To generate the new certificate, click the "click here" link in that yellow warning message on Settings > SSO. Once the new certificate is generated, you'll need to update your SAML IdP with that new certificate.
See Update your x509 certificate for more detailed instructions. (These instructions will also open in the widget when you click the "Read more" link in that message. )
