As part of our commitment to maintaining the highest security standards, we will be rotating the SSO certificate used to authenticate users. This rotation is a standard practice to mitigate potential security risks associated with long-term certificate usage.
This change might impact your organization if your Identity Provider (eg Okta, Azure Entra ID, etc) has been configured to use the Secure Code Warrior certificate to validate SAML request signatures or to encrypt SAML assertions.
Failure to update your Identity Provider (IdP) configuration at the designated time will prevent your users from accessing our platform via SSO.
NEXT STEPS REQUIRED
Please verify this with your IT team. If this does not apply to your organization, disregard this notice.
What do you need to do if this applies to you:
Your IT team will need to update the certificate in your IdP on or after the cutover time.
Cutover Time:
- 27 March 12:00 PM EDT
- 27 March 9:00 AM PDT
- 27 March 4:00 PM GMT
- 28 March 3:00 AM AEST
How to get the new Certificate:
Option 1: You can copy the certificate from the section below and update it in your IdP at or after the cutover time mentioned above.
-----BEGIN CERTIFICATE-----
MIIGITCCBAmgAwIBAgIUCvhRc8YdcPIzEJqYnVIm0MxKb0gwDQYJKoZIhvcNAQEL BQAwgZ8xCzAJBgNVBAYTAkFVMQwwCgYDVQQIDANOU1cxDzANBgNVBAcMBlN5ZG5l eTEcMBoGA1UECgwTU2VjdXJlIENvZGUgV2FycmlvcjElMCMGA1UEAwwccG9ydGFs LnNlY3VyZWNvZGV3YXJyaW9yLmNvbTEsMCoGCSqGSIb3DQEJARYdc3VwcG9ydEBz ZWN1cmVjb2Rld2Fycmlvci5jb20wHhcNMjQwMzEyMjM0NzAxWhcNMjkwMzExMjM0 NzAxWjCBnzELMAkGA1UEBhMCQVUxDDAKBgNVBAgMA05TVzEPMA0GA1UEBwwGU3lk bmV5MRwwGgYDVQQKDBNTZWN1cmUgQ29kZSBXYXJyaW9yMSUwIwYDVQQDDBxwb3J0 YWwuc2VjdXJlY29kZXdhcnJpb3IuY29tMSwwKgYJKoZIhvcNAQkBFh1zdXBwb3J0 QHNlY3VyZWNvZGV3YXJyaW9yLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC AgoCggIBAMiPnBJEbTV8KA8ICKYPpo4qN0vQWYyfKflZqfrbrVme8DIDv0nKM7jb 92YwpLIz7yqOmxWKWdHnpPsypphzkofyfvjWMbjbNzu4iz+vXq2L915/+1EhTW6q 5GsVUOx6DzRs3UJ5IhwGP4B7/27r67UePKtRno27W+FB16kDEp0WbmXuYQoEr7Zq QXga9W1RsRQYLsJVjcDu0bpU1PIJkhAtxp3lFay+zVgMTlS0aZfPzMXG7ZF2ce2X HiTcTRBONlS3Rufja9mI04GgJ95THlvZoRHLlkqb8lDUygIoKhx5Qbqk0sO4tlIU ab9nKfm39sqtFG5P4jLOEtrAXRkoQp0oFHhZSJYYXKatynskfO7NZBbD1xm5eCqE 1onRx4N8TbYhFcus8CloWDwgqKyNd3pN0eoClRvbOuOMolErecL977XoB7Bgq5fb GqRSmfXDjn8TNfcu1x7U+M/HsT+dzu49DbqdSIWR3Qg0qEEIK3VgJpRgFpszOqz7 TsEd5R/qY/B0zxVEfZQaI8o+s7ssQBrmcpW+MPG/O0jcaJSY6QABoMoCSL1+nsSn 8Qv302cOB80XgX2WfhRn66BZ5IoE13nSDw3LZsNWAaKHQkK9YP3c1fwmcD+A4Tiq jMeVzeqItHJDTC4JfM4sTVlKVACWmqLAbvDI787k3IY705Ho23tBAgMBAAGjUzBR MB0GA1UdDgQWBBSH/Emh7uzJUeQJ3mjnhNCyfodYBjAfBgNVHSMEGDAWgBSH/Emh 7uzJUeQJ3mjnhNCyfodYBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA A4ICAQAVBZ0din+dHMDG0b3/qft4mAPDfflC0wfcxJbwD3sbHdWB1hiD/qV5PnCT 3azlgEKqQKWIzWuxkfJv79jLOMw2O6Ssdw20lDRH0gepY6uwwwBwIFWUGTP1bRWf 7CfZGAjTooojOWoOnAE/xhcncF2Z/ivquxmT4uhOCo4VGQJ2IyzYAKv42QapMuLR /dhPCUo9EkDWmKytC88wSfYFALDMHsYuQNd5pP2qVO/pmDpapPTj4mYm1Pou4Cmi gyxMMLHcj9JkmnZTZFEtrZTJN0zk4ClrOTzBxmVvQsOjPE1sPPmyi2T1Z9qV5X+K ciKbqJ8bMwh7/0ghhEMejZeLgsopkzG8C+fwVQMKoRjySlhlMhyBZnEW8UndK3Os B3oXMs6luyme6HEAlpQ39jkNw4BKudgqvH/ESGl5jhpi0ecSasgnVhbPhHXZ9z2+ DlXZgswWhPaj/A04keNWbWykCy4TRmMOyeA39u9G7JGqkQ0Qc43z0oYHpSI5umEo CgX78qQ/6OSMoJ80D/GZJ/YJPIdMTVfLSsYVQDsj7XgxJl9QDyJs/pc7pcfaiEgX IC+Hhy89H11b41s/H8FBYsHhIHUGLU2+dgmnrAVJG2vtCrapBe0C/o5qWEViDdsP 8iscDqiohljUUPZfbCkm8bGc4k7iwZVmPTIc3jChpRq+QX6Aug==
-----END CERTIFICATE-----
Option 2: Right after the cutover time, you can obtain the new certificate by navigating to our Metadata:
- Production (US): https://portal-api.securecodewarrior.com/auth/sso/metadata.xml?d=<company_domain> : Just replace the <company_domain> with your company email domain
- Production (EU): https://portal-api.eu.securecodewarrior.com/auth/sso/metadata.xml?d=<Ccompany_domain> :Just replace the <company_domain> with your company email domain
If you are not sure where your account is hosted, please reach out to our support team at support@securecodewarrior.com
Action Required:
Send this notice to your identity team or the relevant team responsible for IdP/SSO setup to implement the change. Failure to update your IdP configuration at the designated time will prevent user access to the platform through SSO.
For any inquiries, please don't hesitate to contact our support team at support@securecodewarrior.com.
Comments
0 comments
Please sign in to leave a comment.