Some applications have deprecated support for the SHA-1 signing certificate. If an application was deployed with a SHA-1 certificate that is now deprecated, and user authentication to the application fails, you need to update the security certificate. You can download the default SHA-2 certificate (Default Tenant Application Certificate) available from the Admin Portal or you can upload your own SHA-2 certificate and reapply it.
To update an expired signing certificate
Download the default signing certificate from Settings > Authentication > Platform > Signing Certificates to your local computer. See Downloading a signing certificate for more information.
Alternatively, you can upload your own SHA-2 certificate from Settings > Authentication > Signing Certificates and then click Add. See Adding a signing certificate for more information.
Apply the signing certificate for the application to Application Settings in the Admin Portal and to the application itself.
Check the application documentation for details on how to apply the certificate to the application.
Note: Be sure to use a matching certificate both in the application settings in the Admin Portal and in the application itself.