<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Salesforce Certificate Expiration Notice
Oct 6, 2025
Single Sign-On
Okta Classic Engine
Overview

A notice occurs when the self-signed certificate in the Salesforce - Okta Single Sign On (SSO) trust relationship expires soon.

Applies To
  • Salesforce Self-Signed Certificate
  • Update
  • Okta Classic Engine
Solution

NOTE: Before proceeding, please note that all of the required actions are on Salesforce's side. The Okta integration is not involved in any way. Since the process might undergo changes, please contact Salesforce support for more details if needed.

Follow these steps to create and add a self-signed certificate to update the Salesforce - Okta SSO trust relationship.

  1. Create one within Salesforce under the Security Controls > Certificate and Key Management.
Certificate and Key Management
  1. Click Create Self-Signed Certificate:
create a self-signed certificate
  1. Click Save.
  2. Locate the Okta Single Sign-On settings under Security Controls > Single Sign On Settings. Use the drop-down next to Request Signing Certificate to select the new certificate.

Request Signing Certificate

  1. Save the settings.

Recommended content

Still looking for help?
Loading
Salesforce Certificate Expiration Notice