This article contains the following:
1. Expired SSL certificates
2. Downloading new certificate fingerprints
Expired SSL certificates
According to standard requirements, SSL certificates may have a lifespan of at most 2-3 years. As such, you may see examples of the following LDAP login error when your certificate expires.
Downloading new certificate fingerprints
To download the new SHA-1 fingerprint for your SSL certificate, navigate to https://schools.clever.com/instant-login/settings and click "Edit Settings" in the LDAP Authentication box.
If your LDAP server is connected to the Clever account via the LDAP URL, you should be able to click "Download From Server" to get an SHA-1 fingerprint for the latest SSL certificate on the server.
Click "Test Connection". If you see the message below, then it worked and you can now test a login. If you do not see this message or if your users are still having trouble logging in, please contact Clever support to troubleshoot.
Be sure to exit and save your new settings!
