Umbrella SAML Certificate for SWG User Identity Expiring 12th of August 2023

Introduction

This document describes the expiration of the Umbrella SAML certificate for the SWG User Identification.

Overview

The Umbrella SAML certificate used for SWG User Identification expires on the 12th of August 2023 06:44:04(UTC). This certificate is to be renewed and made available on the 12th of July 2023. This allows time from then until the 12th of August for you to update your identity provider (IdP) with the renewed Umbrella SAML certificate. 

Updating the Cerificate

Updating the certificate is essential to avoid SAML user authentication failures and loss of internet access for those users. This first communication is intended to make you aware of this upcoming event and provide time to plan and schedule the certificate update task with your Identity Provider. Once the certificate is renewed and made available, a further confirmation update will be published. 

This is an annual task, however, the Umbrella metadata URL remains constant from previous years. This is why we recommend utilising the metadata URL to automatically acquire the renewed certificate, rather than using a manual import process. When the certificate is renewed, we update the metadata without changing the metadata URL. This approach supports those identity providers, like ADFS and Ping Identity, that can monitor the relying party metadata URL and automatically update when the relying party metadata is updated with a new certificate.

For more information on renewal options see, https://docs.umbrella.com/umbrella-user-guide/docs/saml-certificate-renewal-options

Note: Some Identity Providers do not perform validation of SAML request signatures and therefore do not require our new certificate. If in doubt, please contact your Identity Provider vendor for confirmation.

If you have any questions, do not hesitate to contact your support contact.