2088838 - How to Update SSO Certificates/Tokens in SuccessFactors HXM Suite

• How to change an SAML v2 certificate
• Steps for updating an DES/3DES token
• What is the process for updating an SSO certificate or token?
• Can multiple/rolling IDP signing certificates be configured in SuccessFactors?

SAP SuccessFactors HXM Suite

• The process to update a security certificate/token is done in Provisioning. Only Partners and Support have access to Provisioning.
• Please contact your Implementation Partner, provide the certificate for them and requesting the change.
• If you don't have an Implementation Partner, please follow the process below:

1. Open an case with Customer Support selecting the component LOD-SF-PLT-CER
2. Attach on the case the new Signing certificate/token in a plain text format or .cert format
3. Provide the availability of your IT team or specialist to have a meeting with SuccessFactors to execute a simultaneous replacement of the certificate on both sides

Notes:

• The process usually takes about 30 minutes to install and verify. But, for proper planning on Support end, please raise these tickets at least 5-7 working days ahead of time.
• This meeting will need to be scheduled during regular business hours. We don't update certificates on weekends.
• Please request the meeting time and we will get back to you with the invitation details
• Only one IDP signing certificate can be configured in SuccessFactors at one time. It is not possible to add multiple/rolling signing certificates in provisioning.
• Partners, follow instructions in KB article 2317944 - SAML 2.0 Provisioning Guide - Troubleshooting Tips and Tricks - Common Errors and Resolutions > section How to Update the SAML verifying certificate?

KB article 2317944 - SAML 2.0 Provisioning Guide - Troubleshooting Tips and Tricks - Common Errors and Resolutions

sf, success factors, bizx, biz x, SSO, SAML2, SAML v2, signing certificate, expired, expiration, format, cert , KBA , LOD-SF-PLT-CER , SAML Certificate Change , How To