3119755 - Domain certificate renewal for SAP Cloud for Customer URLs (*.crm.ondemand.com)

Background

The existing server certificate for domain “*.crm.ondemand.com” is being renewed at Origin as it will get expire on March 15^th, 2025.

Please note that the certificate chains (root and Intermediate certificates) are also getting changed along with the leaf certificate, so entire chain must be installed in your Integrations, wherever it is used to work.

Also, there is a change in the signature algorithm of the certificate where it is moving from sha256RSA to sha384ECDSA (Elliptic Curve Digital Signature Algorithm) in-order to meet the security requirements – so if in-case you are using any older version tools or browsers it may not be supported, hence please upgrade your tools to the supported version.

Timelines

Change will be executed from February 28^th 18:00 hrs UTC to March 01^st 2025 11:00 hrs UTC for Test Systems.

Change will be executed from March 08^th 19:00 hrs UTC to March 09^th 2025 06:00 hrs UTC for Production Systems.

Impact

If you have third-party integrations like web services/APIs in your SAP Cloud for Customer (C4C) tenant, you may be required to update the domain certificate. These updates should be conducted by your internal IT resources, with the new certificate information that could be found below.

Impact on your tenant depends on the CDN configuration. For more details refer to the FAQs section.

Download New Certificate(*.crm.ondemand.com) from the Attachment section.

SAP Cloud for Customer

KBA , domain certificate renewal 2021 , LOD-CRM-SEC , Security Topics , LOD-CRM-INT-S4H , Integration of C4C with S/4 HANA , How To