End users are not able to login to O365 via Passly and receiving signing certificate expired message as below.
This issue can occur if the O365 signing certificate is expired in the Passly - O365 Integration. You can verify the same under SSO Manager > Application Library > Click on Office365 app > Signing and Encryption and check the Valid Between date.
1. Navigate to SSO Manager > Application Library > Click on Office365 app > Signing and Encryption > Click on Generate New Certificate
2. In the pop-up window leave PFX password field blank and then enter your domain name under certificate subject name and click on update and save the changes.
3. This may take some time take effect automatically or we can manually update them using Azure Powershell commands. To do so please follow the below steps.
1. Open windows PowerShell as and admin and run the below commands to Install the Azure PS Module.
Install-Module -Name AzureAD
2. Now install the MSOL module.
3. Login to office365 admin account via PS
(Prompts for a logon, requires .onmicrosoft account)
4. Set the certificate via PowerShell.
Set-MsolDomainFederationSettings -DomainName "your-federated-domain.com" -SigningCertificate "enter cert here"
Note: enter cert here needs to be replaced with the new generated cert contents. which can be obtained by click on "copy" button in the signing and encryption tab. Please copy the content highlighted as below of the cert to a notepad and then paste the same in the PS command.
5. You should now be able to login to Office365 via Passly without any issues.