/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PublicSymptom
IPS tenants have an expiring mTLS certificate on August 7th, 2025. If the certificate is not updated the following issues will occur:
- Real Time User Sync will not work correctly
- Creation of Learning Sites will not be possible
Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.
Environment
- SAP SuccessFactors Learning
- SAP Cloud Identity Services
Resolution
NEO IPS tenants:
- Download the certificate in the attachments of this KBA, you may need to rename it to include the .crt extension before importing.
- A new cert (cer.zip in the attachments of this KBA) will be implemented in Preview on July 29th and in Production on July 31st, please download and import this cert after the dates specified.
- This should be the last year we have to provide customers this cert.
- Only customers with NEO IPS tenants will have to update the cert (unlike last year where we had an issue with the tech user causing all customers to have to upload the new cert). This should be a very small number at this point.
- In the Identity Provisioning admin console, select the LMS source system.
- Select the Inbound Certificates tab, choose Import, and select the new certificate. More info on managing certificates here.
- Proceed to your IAS system
- Access the admin record associated to your LMS integration, which would have a name/ID such as “SAP LMS – LMSTenantID”
- Choose certificate and import it
Note make sure the admin or technical user has the permissions toggled on, see KBA 3248892
Converged IPS tenants:
- Import the new mTLS certificate into IPS tenant following the steps below:
- Download the certificate from the attachments of this KBA.
- Proceed to your IAS system admin side >
- Go to "Users & Authorization" > Administrators >
- Access the admin record associated to your LMS integration, which would have a name/ID such as “SAP LMS – LMSTenantID” >
- On "Configure System Authentication" section click on "Certificate" >
- Click on "Browse" and select the certificate file >
- Perform the import process and hit "Save" icon.
Note make sure the admin or technical user has the permissions toggled on, see KBA 3248892
See Also
3248892 - "A new Learning-only user could not be created" - Learning IAS Real Time User Sync
Keywords
IAS, IPS, cert, certificate, expired, expiration, user, creation, sync, real, time, update, read, job, , KBA , LOD-SF-LMS-IAS , LMS IAS Integration for External User , How To
Product
SAP SuccessFactors Learning all versions
Attachments
| Pasted image.png |
| Pasted image.png |
| cer.zip |
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)