Veeva Vault Maintenance Release Notification - SAML/Spark Certificate Rollover

Informational

March 03, 6:01pm PST

Veeva Vault Maintenance Release Notification - SAML/Spark Certificate Rollover

Status: closed

Date: March 03, 6:00pm PST

Affected Components:

Veeva Vault Vault-US PODs Vault-EU PODs Vault-AP PODs VV1-1 VV2-10 VV3-33 VV1-2 VV2-27 VV3-34 VV1-3 VV2-28 VV3-3048 VV1-4 VV2-29 VV3-3057 VV1-5 VV2-30 VV3-3064 VV1-6 VV2-31 VV3-3086 VV1-7 VV2-32 VV3-3096 VV1-8 VV2-35 VV3-3099 VV1-9 VV2-41 VV3-3120 VV1-11 VV2-44 VV3-3121 VV1-12 VV2-2047 VV3-3122 VV1-13 VV2-2050 VV3-3123 VV1-14 VV2-2056 VV3-3124 VV1-15 VV2-2060 VV3-3125 VV1-16 VV2-2063 VV1-17 VV2-2070 VV1-18 VV2-2072 VV1-19 VV2-2075 VV1-20 VV2-2080 VV1-21 VV2-2083 VV1-22 VV2-2085 VV1-23 VV2-2087 VV1-24 VV2-2091 VV1-25 VV2-2092 VV1-26 VV2-2095 VV1-37 VV2-2097 VV1-38 VV2-2098 VV1-39 VV2-2120 VV1-40 VV2-2121 VV1-42 VV2-2122 VV1-43 VV2-2124 VV1-1045 VV2-2125 VV1-1046 VV2-2126 VV1-1049 VV2-2127 VV1-1051 VV2-2128 VV1-1052 VV2-2129 VV1-1053 VV2-2130 VV1-1054 VV2-2131 VV1-1055 VV2-2132 VV1-1058 VV2-2133 VV1-1061 VV2-2134 VV1-1062 VV2-2135 VV1-1065 VV2-2136 VV1-1066 VV2-2137 VV1-1067 VV1-1068 VV1-1069 VV1-1073 VV1-1074 VV1-1076 VV1-1077 VV1-1078 VV1-1079 VV1-1081 VV1-1082 VV1-1084 VV1-1088 VV1-1089 VV1-1090 VV1-1094 VV1-1110 VV1-1111 VV1-1120 VV1-1121 VV1-1122 VV1-1124 VV1-1126 VV1-1127 VV1-1128 VV1-1129 VV1-1130 VV1-1131 VV1-1132 VV1-1133 VV1-1134 VV1-1135 VV1-1136 VV1-1137 VV1-1138 VV1-1139 VV1-1140 VV1-1142 VV1-1144 VV1-1145 VV1-1146 VV1-1148 VV1-1149 VV1-1150 VV1-1151 VV1-1152 VV1-1153 VV1-1154 VV1-1155 VV1-1156 VV1-1157 VV1-1158 VV1-1159 VV1-1160 VV1-1161 VV1-1162

Update

March 03, 6:00pm PST

Note: This Trust posting was retroactively added on March 6

Veeva Vault Maintenance Release Notification

The Veeva Vault is scheduled to roll over the signing certificate used to sign SAML Single Sign-on requests and Spark Messaging connections. There is no expected downtime however user logins may be affected if proper action is not taken.

IMPORTANT

The new certificate has been published and can be downloaded from here. Your IT organization needs to ensure that the new certificate is configured on your Enterprise Identity Provider system prior to the initial Certificate Rollover event. You also need to ensure that your Spark integrations don’t cache the certificate and are able to pick up the new certificate immediately after the rollover.

Learn more about the action required for the certificate rollover process.

Potential Impact to SAML Single Sign-on

Depending on your configuration, the new Vault certificate may need to be configured on your Enterprise Identity Provider system prior to the initial rollover event.

Potential Impact to Spark Connections

Ensure that your Spark integrations don’t cache the certificate in order for it to be picked up the moment it is rolled over.

Timeline of the Certificate Rollover

Date and Time	Event
Monday, February 3 at 7:00 pm PT	New Certificate Publishing The new certificate is available to download. You can download and begin testing with the new certificate.
From: Monday, February 3 at 7:00 pm PT To: Friday, March 3 at 6:00 pm PT	New Certificate Testing Period You can test the new certificate during this period. Both the old and new certificates are supported.
Friday, March 3 at 6:00 pm PT	New Certificate Rollover with Rollback Option Vault automatically upgrades all Vaults to use the new signing certificate on all SAML profiles and Spark connections.
From: Friday, March 3 at 6:00 pm PT To: Friday, March 24 at 6:00 pm PT	Support for New and Old Certificate To provide time for additional testing, both the old and new certificates are supported.
Friday, March 24 at 6:00 pm PT	Final Certificate Rollover The old signing certificate is no longer supported. For any Vaults which rolled back to the old certificate, Vault automatically upgrades all Vaults to use the new signing certificate. If your new certificate is not yet configured, you may experience blocking issues.

If you have further questions, please submit a ticket with Veeva Product Support.