You may get an email from Salesforce informing you that your self-signed certificate has expired.

If that is the case, you can follow the steps below to renew your certificate. We recommend doing this after hours.

As the self-signed certificate will be used in different configurations such as domain settings, identity provider configurations, single sign-on (SSO) settings, or connected apps in Salesforce, it is important to update the relevant configurations to use the updated certificate.

The following steps need to be repeated for orgs (sandbox etc) where the cert is expiring.

S-Docs Self-signed Certificate

1. From the setup menu, type "Certificate" into the Quick Find bar and click Certificate and Key Management in the dropdown menu.
2. Click Delete for SDocsCert.
3. Click Create Self-Signed Certificate.
4. Set Label to SDocsCert.
5. Set Unique Name to SDocsCert.
6. Click Save.
7. Click Download Certificate.

The next steps are different in Salesforce Classic and Salesforce Lightning.

For Classic:

1. From the setup menu, type "Apps" into the Quick Find bar, then click Apps (under Build > Create).
2. Scroll down to the Connected Apps section, find "Sdocs Connected Apps," and click the Edit link next to it.
3. Scroll down to Use digital signatures.
4. Click Choose File and select the previously downloaded certificate.
5. Click Save.
6. It may take several minutes for the new certificate to take effect.
7. Confirm that everything is working (test SDJobs with Mass Merge).

For Lightning:

1. From the setup menu, type "App Manager" into the Quick Find bar, then click App Manager in the dropdown menu.
2. Find the "Sdocs Connected Apps" connected app. Click the dropdown arrow on the right, and click View.
3. Click Edit at the top of the page.
4. Scroll down to Use digital signatures.
5. Click Choose File and select the previously downloaded certificate.
6. Click Save.
7. It may take several minutes for the new certificate to take effect.
8. Confirm that everything is working (test SDJobs with Mass Merge).

Other Self-signed Certificate

1. From the setup menu, type "Certificate" into the Quick Find bar and click Certificate and Key Management in the dropdown menu.
2. Select the expiring certificate.
3. Hover over the ‘Delete’ button to see where this certificate is being used. In the example below, it is used in the Identity Provider.
   
4. Navigate back to the Certificate and Key Management page. Click on "Create Self-Signed Certificate."
5. Enter a meaningful label and unique name. Ensure the key size matches the original certificate key size.
6. Click “Save”.
7. From the setup menu, search for the configuration that is using the expiring certificate, such as Identity Provider in our example.
8. Update the configuration to use the newly updated certificate, and you should now be able to delete the expiring certificate as it has been removed from the relevant configuration.