The Umbrella SAML certificate used for Umbrella SWG user identification will expire on the 26th of September 2022 00:00 (UTC). This certificate will be renewed and made available on the 26th of August 2022. This will allow time from then until the 26th of September for you to update your identity provider (IdP) with the renewed Umbrella SAML certificate.
Updating the certificate is essential to avoid SAML user authentication failures and loss of internet access for those users.
This first communication is intended to make you aware of this upcoming event and provide time to plan and schedule the certificate update task with your Identity Provider.
Once the certificate is renewed and made available, a further confirmation update will be published that will provide the location where the new certificate and metadata can be obtained.
Since this will be an annual task, from this year onwards the Umbrella metadata URL will remain constant. When the certificate is renewed in future years, we will update the metadata without changing the URL. This approach will support those IDPs, like ADFS and PingID, that can monitor the relying party metadata URL and automatically update when the relying party metadata is updated with a new certificate.
Note: Some Identity Providers do not perform validation of SAML request signatures and therefore do not require our new certificate. If in doubt, please contact your Identity Provider vendor for confirmation.
If you have any questions, do not hesitate to contact your support contact.