Question

 Why has the Microsoft ADFS - SSO Server certificate been updated?

Answer 

The Microsoft Server is secured via an SSL certificate that is updated automatically on its backend, at a specific time frame. The renewal date is set up at the time of the server's configuration.

This action takes place solely on the ADFS server's side. As you can see in this article:

The token signing and token decrypting certificates are usually self-signed certificates, and are good for one year. By default, AD FS includes an auto-renewal process called AutoCertificateRollover. If you are using AD FS 2.0 or later, Office 365 and Azure AD automatically update your certificate before it expires.

Once the certificate is updated on the server's side, you will need to update the SSO with SAML fingerprint value against your Zendesk Support account.

If you don't have access to the data of the new certificate, simply decode the new SSL using an online tool, such as this one .

To update the certificate fingerprint, please login to your Zendesk Support account and:

1. Click the Admin icon () in the sidebar, then select Security from the Settings category.
2. Select the Admins & Agents or End-users tab.
3. Select the SAML option.
4. Enter the new Certificate Fingerprint. This is required to communicate with your SAML server.

   

   5. Click Save.

Once a certificate is renewed we would recommend you to ask your Server Administrator to retrieve the new certificate fingerprint and amend it against your Zendesk Support account.