Getting Data In
Highlighted

Azure Active Directory is going to be rolling their signing key on a regular basis. Will Splunk handle the key rollover event automatically?

Path Finder

Azure Active Directory is going to be rolling their signing key shortly and does so on a regular basis.

Will Splunk handle the key rollover event automatically?

Highlighted

Re: Azure Active Directory is going to be rolling their signing key on a regular basis. Will Splunk handle the key rollover event automatically?

Splunk Employee
Splunk Employee

If your certificate is about to expire then, you can re-import metadata again. Metadata generally will have two signing keys 1) That you are currently using 2) A newer key that has longer expiration date. When verifying signature Splunk will try to verify with both the keys. The verification of signature is considered successful if it can be verified against atleast one of the configured keys. You must use 6.4 onwards for this to work though

View solution in original post