Skip to main content
All CollectionsKnowledge BaseDruva Cloud Platform
How to create a new certificate in EntraID for Druva SSO application
How to create a new certificate in EntraID for Druva SSO application

How to create a new certificate in EntraID for Druva SSO application

Updated over a month ago

Overview

You may see that the Microsoft certificate for the Druva SSO application has expired when you list down the enterprise application in EntraID like below :

This may impact the Druva SSO functionality through the application.

By default, Azure configures a certificate to expire after three years when you create it automatically during SAML single sign-on configuration. Because you can't change the date of a certificate after you save it, you have to:

  1. Create a new certificate with the desired date.

  2. Save the new certificate.

  3. Download the new certificate in the correct format.

  4. Upload the new certificate to the application.

  5. Make the new certificate active in the Microsoft Entra admin center.

Detailed Steps

  1. Browse to Identity > Applications > Enterprise applications > All applications.

  2. Enter the name of the existing application in the search box ( Example: Druva ), and then select the application from the search results.

  3. Under the Manage section, select Single sign-on.

  4. If the Select a single sign-on method page appears, select SAML.

  5. In the Set up Single Sign-On with SAML page, find the SAML Signing Certificate heading and select the Edit icon (a pencil). The SAML Signing Certificate page appears, which displays the status (Active or Inactive), expiration date, and thumbprint (a hash string) of each certificate.

  6. Select New Certificate. A new row appears below the certificate list, where the expiration date defaults to exactly three years after the current date. (Your changes aren't saved yet, so you can still modify the expiration date.)

  7. In the new certificate row, hover over the expiration date column and select the Select Date icon (a calendar). A calendar control appears, displaying the days of a month of the new row's current expiration date.

  8. Use the calendar control to set a new date. You can set any date between the current date and three years after the current date.

  9. Select Save. The new certificate now appears with a status of Inactive, the expiration date that you chose, and a thumbprint.

  10. Now Activate the new certificate.

  11. Make sure to update this new certificate in the Druva SSO configuration setting within the Druva admin console. Refer to : Set Up Single Sign-On (SSO) | Druva | Documentation

Did this answer your question?