Help get this topic noticed by sharing it on Twitter, Facebook, or email.

Dear Support Team we have been notified by Salesforce that New Salesforce certificates will be issued this month, this will affect DBamp?

Important Information Regarding Your Salesforce Instance

Product & Service Notification

To maintain alignment with our security best practices, we will be rotating some certificates out in January and February 2018 for newer certificates that will be supported in future releases of Google Chrome.

What is the change?
A future release of Google Chrome will no longer support Symantec-issued HTTPS certificates, so we are replacing our Symantec-issued certificates with new DigiCert-issued certificates. HTTPS certificates are reflected in the browser's URL bar to indicate a secure connection while accessing secure websites, including Salesforce. Some examples of Salesforce certificates impacted by this change are:
• *.salesforce.com
• *.my.salesforce.com (My Domain)

• [instance].force.com
• login.salesforce.com
• test.salesforce.com
• *.cloudforce.com (Branded Login)

When will this change take place?
The certificate change will take place for all sandbox instances and test.salesforce.com during the second week of January 2018 and for production instances, login.salesforce.com and *.cloudforce.com during the second week of February 2018. Please check the article, Salesforce Certificates change from Symantec to Digicert in January and February 2018 for the complete schedule.

We apologize for the urgency of these certificate changes. These changes are driven by deadlines imposed by Google Chrome and we at Salesforce want to make sure there are no gaps in your security and trust in us.

How do I know if I'm impacted and what are the required actions?
Users of web browsers and most software, including Salesforce's desktop and mobile apps, are expected to see no impact from this change. However, other software, like middleware solutions may require a configuration update to trust the DigiCert root, intermediate, and other relevant Salesforce DigiCert-signed certificates. If you have a middleware solution that requires you to specify which certificates it will encounter when communicating with Salesforce, then action is likely to be required.

You can verify this by using your web browser, software, and middleware solutions to access https://certtest.force.com.
• If successful, you will see "Certificate Update Test Passed" on the web page response.
• If unsuccessful, you will encounter a certificate trust error.

To test with your software and middleware solutions, use https://certtest.force.com as the base URL of the API login URL.
• If you see an invalid username error or a different HTTP status code, then the test was successful.
• If you see a certificate trust error, then the test was unsuccessful.

If your test results are unsuccessful, make sure you or your network administrator takes action by trusting the new DigiCert root certificate before the certificate change date associated with your instance.

Additional details on testing and actions required can be found in the article, Salesforce Certificates change from Symantec to Digicert in Jan 2018.

What will happen if I don't take the required actions?
If you haven't had to configure a list of trusted root certificates to successfully access and interact with Salesforce, your Salesforce service should continue to work without interruption. DigiCert is a widely trusted certificate authority that has been around since 2003, and the root certificate that Salesforce's DigiCert-signed certificates use was created in 2006. Software that has been delivered since then are expected to already trust DigiCert-signed certificates.

If you use middleware solutions to interact with Salesforce, including custom-written middleware, there is a risk of accessibility issues after Salesforce updates the certificates and if your middleware requires a list of trusted certificates. To reduce this risk, take the actions recommended above and ensure Salesforce DigiCert certificates are trusted.

Where can I get more information?
Participate in the Official: Salesforce Infrastructure Trailblazer Community Group to collaborate with other Salesforce users and remember to join the Certificate Changes Trailblazer Community Group to receive updates on all certificate changes.

For additional questions, open a case with Support via the Help & Training portal.

You are receiving this email because our records indicate you are an administrator of Salesforce CRM Org ID 00D24000000HGqA
Salesforce.com, Inc. The Landmark @ One Market, Suite 300, San Francisco, CA, 94105, United States
General Enquiries: 415-901-7000
This email was sent to cristina.pinheiro@altran.com
Privacy Statement | Opt-out of Product and Service Notifications
1 person has
this question
+1
Reply