Renewing Entra ID SSO certificate for Hoxhunt

You should renew your SAML 2.0 signing certificate in Entra ID (formerly known as Azure AD) before it expires to avoid any disruption in the Hoxhunt's SSO login.

IMPORTANT: Rolling the certificate in Microsoft Entra ID and configuring it in your app may cause single sign-on downtime. Please plan for potential downtime when performing the steps below.


1. Renew SAML Signing certificate in Azure portal

1.1. In the Azure portal, go to the Single sign-on page for HoxHunt.
1.2. In the SAML Signing Certificate section, click Create new certificate.
1.3. Choose a duration of up to 3 years, then click Save, then click OK.
1.4. Select the ellipsis (...), select Make new certificate active and click Save at the top. This will roll over your existing certificate to the newly created certificate.
1.5. Download the new certificate in Base64 format.

(For additional information about the steps done on Microsoft side, see:


2. Replace SAML Signing certificate in Hoxhunt Admin Portal

2.1. Go to Single Sign-On page in the Hoxhunt Admin Portal.

2.2. Open the .cer file you downloaded in a text editor.

2.3. Paste the entire contents (including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- to the Public certificate field.

2.4. Click Save.


3. Test the new certificate

3.1. Click Test SSO integration.


3.2. If the test is successful, you have renewed the certificate correctly.



If anything goes wrong with the cert swap on Hoxhunt side (SSO login gets broken), you can still access Admin Portal as follows:

  1. Select any regular email in Outlook and click Hoxhunt button.
  2. At the bottom of the task pane, select Go to Dashboard.

You can now return to Admin Portal and work on the SSO settings.


Common errors

If you receive any errors, please refer to this KB article for assistance.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request