The scheduled maintenance has been completed. The rotated SSO root certificate has been switched to be the primary certificate used by cloud.gov UAA SAML integration. The expiring certificate is secondary and will expire tomorrow April 23rd. Customers who dynamically pull SAML metadata using https://login.fr.cloud.gov/saml/metadata, should not be affected.
If you need to trust our SAML provider for your IDP, there are two methods for retrieving the new certificate:
Follow your agency's instructions for consuming and trusting our root certificate for SAML.
Posted Apr 22, 2025 - 08:30 EDT
In progress
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted Apr 22, 2025 - 08:00 EDT
Scheduled
As part of maintenance of the cloud.gov platform it has come time to rotate the certificate associated with UAA SAML used by various IDPs. We've rotated the SSO root certificate used by cloud.gov IDP Integrators and have rolled it out. The new certificate is now available to be used and the old certificate will expire on Wednesday April 23rd, 2025. On Tuesday April 22nd, 2025, we will swap the primary certificate to the new certificate and keep the old expiring certificate as secondary. Customers who dynamically pull SAML metadata using https://login.fr.cloud.gov/saml/metadata, should not be affected.
If you need to trust our SAML provider for your IDP, there are two methods for retrieving the new certificate: