Fix federation certificate expiry notification

Applies to: current and former vCloud users

Symptom

You have recently received an email titled "Federation certificate expiration notification" reading:

The federation certificate expiration is [DATE] [TIME]. An expired certificate may disable federation with the identity provider setup with your organization. The certificate can be regenerated from the Federation Settings page.

The federation certificate is used in the vCloud Director SAML Identity Provider as a basis for vDC user authentication. Note that vCloud Director sends out the warning even if you are using local Active Directory rather than SAML for authentication.

Solution 1 - Oxford vCloud customers

If the notification came from vcloud@vipr.ox.ac.uk then you do not need to take any action. IT Services will refresh the certificate for you prior to expiry.

Solution 2 - Other vCloud users

  1. Log into your vCloud environment and click on the Administration tab
  2. Choose Settings > Federation
  3. On the following screen Use SAML Identity Provider should be unchecked. If it is checked then please contact our Cloud Services Team and we will advise further
  4. Scroll to the Certificate section at the bottom of the screen, and click Regenerate
  5. A warning about the consequences of proceeding will be displayed. Provided Use SAML Identity Provider was unchecked earlier you can safely click on OK. The new certificate will be generated and the new expiry date displayed (it will be valid for one year)

Get support


Local IT support provides your first line of on-the-spot help

FIND MY LOCAL IT TEAM

 

Common requests and fault reports can be logged using self-service

   USE IT SELF SERVICE      

   LOG A SUPPORT CALL     

VIEW MY SUPPORT CALLS  

 

The Central IT Service Desk is available 24x7 on +44 1865 6 12345

If you do not have access to your Single Sign-On, you can use this form to contact the Service Desk