As part of our ongoing security focus, OneLogin will perform routine maintenance to renew the certificate for *.eu.onelogin.com, which expires on April 20, 2025. The new certificate will be deployed on April 8, 2025 and remain valid for approximately one year.
April 8, 2025
EU Shard 11:00am – 2:00pm PDT
Every certificate is signed by DigiCert, the certificate authority (CA). The intermediate certificate signature remains DigiCert Global G2 TLS RSA SHA256 2020 CA1
Most VLDAP clients don't require client certificates, so most customers won't be impacted by this change. If you haven't installed the OneLogin VLDAP client certificate, no further action is required.
If you import certificates into centralized services like Jira or Jamf that use VLDAP service for authentication or user search, please verify that the intermediate cert DigiCert Global G2 TLS RSA SHA256 2020 CA1 is present with the expiration date March 29, 2031.
If you require time to cutover, you must download and install the new VLDAP leaf certificate and associate certificate bundle before April 8, 2025 to avoid service disruptions:
Download the Digicert EU Certificate and open it in any text editor.
Copy the certificate's complete content, including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- text.
Save the file as DigiCertGlobalG2TLSRSASHA2562020CA1.crt.
Download the Digicert certificate bundle and open it in any text editor.
Copy the second set of characters, beginning with -----BEGIN CERTIFICATE----- through -----END CERTIFICATE-----.
Save the file as DigiCertRootCA.crt.
Beginning April 8, 2025, the new certificate can be tested: vldap4.eu.onelogin.com