Cloud201 will auto generation a Federation Certificate for 1 year when an Organization is created. This certificate is used for SAML authentication (Security Assertion Markup Language).

Within Cloud201, the default is to use LDAP accounts or Local User accounts defined at the Organization level. Customer Org Admins are able to add additional accounts to their Organization or enable SAML.

When a Federation Certificate is about to expire, Cloud201 sends an email to the Org Administrator as follows:

From: [
Sent: Saturday, March 2, 2019 7:34 PM
To: <customer's org admin email address>
Subject: Federation certificate expiration notification.

The federation certificate expiration is 3/16/2019 3:21:13 PM. An expired
certificate may disable federation with the identity provider setup with your
organization. The certificate can be regenerated from the Federation Settings

If the customer is using Local or Standard LDAP users (SAML is not enabled), they can ignore the email or they can generate a new 1 year certificate.

To regenerate the certificate:

  • Log into Cloud201
  • Navigate to Administration > Settings > Federation for the Organization
  • Click Regenerate to generate the new certificate

If the customer is using SAML, follow this instruction found in the following VMware KB article: