Hi Genesys Community,

Just looking for some advise regarding Microsoft Azure Single Sign On in Genesys Cloud and upcoming SSO certificate expiry:

 
Noticed upon login to our Azure portal, it's coming up with 'Certificate Expiry Status' soon (12 March 2024)

Same expiry date also showing in Genesys: 

I've not been able to find anything in the Resource Center that advises what needs to be done here to renew/update (can only see instructions on Adding Azure AD as a new provider):

• Is it just a matter of just following the step relating to Certificate (as per below)?
• Does it need a new certificate to be imported into Azure?
• Is there an outage/impact? Should this be done after hours?

Cheers,

Hey Jeff

Rough idea of what I've done/recommend.

• Definitely do this out of hours (if possible)
• Get new certificate exported from the SSO/SAML app in Azure
• If your org is set to be SSO only, as a precaution turn that off and make sure you can get in using Genesys authentication in case something goes wrong
• Import new certificate into SSO settings in Genesys Cloud
• Test SSO

I don't recall if you can keep multiple certs on the Genesys side (think you can for SIP but not for auth).  It's possible on Azure it will continue to honour the old certificate until you import the new one and start using it.  Still worth doing out of hours.  I think we pretty much had to cross our fingers when we went through it but didn't hit any issues.