Login.gov 2025 SAML certificate rotation #5065

btylerburton · 2025-02-05T15:58:44Z

Annual Login.gov SAML certificate rotation needs to be done by March 2025. The 2024 certificates expire on April 1, 2025.

Sketch

Follow steps describe in wiki Login.gov SAML certificate rotation steps and notes from previous year.

The following two steps should be done at about the same time to minimize app authentication down time.

Update development IdP metadata URL in the code, update private keys in the CF environment.
Update public certs for development apps in login.gov sandbox dashboard.

The following two steps should be done at about the same time to minimize app authentication down time.

Update staging and prod IdP metadata URL in the code, update private keys in the CF environment.
Update public certs for staging/prod in the mirrored apps in login.gov sandbox dashboard, submit change requests to have the mirrored apps promoted, make sure they are deployed.

The text was updated successfully, but these errors were encountered:

btylerburton added bug Software defect or bug O&M Operations and maintenance tasks for the Data.gov platform labels Feb 5, 2025

btylerburton added this to the April 2025 milestone Feb 5, 2025

github-project-automation bot added this to data.gov team board Feb 5, 2025

Bagesary moved this to 📥 Queue in data.gov team board Feb 6, 2025

jbrown-xentity modified the milestones: April 2025, March 2025 Feb 6, 2025

btylerburton modified the milestones: March 2025, February 2026 Feb 6, 2025