Scheduled
The SSL certificate for IBM Verify tenants with *.ice.ibmcloud.com hostnames will be changed. The certificate change is scheduled for 09:00 UTC on 19 November 2025.
The cert is a dual RSA + ECDSA. The intermediate cert will change for both RSA and ECDSA.
- This should not impact Web Browser traffic
- This may impact any client application sending traffic directly through API from application servers. The new root certs should be added to the trust stores of those application servers before the new leaf certs are deployed on 19 November.
Details of the new certificate are available here: https://www.ibm.com/docs/en/security-verify?topic=overview-product-requirements
New trust chain can be downloaded from Digicert: https://knowledge.digicert.com/general-information/digicert-trusted-root-authority-certificates
- RSA
intermediate: CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
root: CN=DigiCert Global Root G2
- ECDSA
intermediate: CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1
root: CN=DigiCert Global Root G3
Customers using the Verify SaaS Adapter or IBM Verify Identity Governance Adapter will need to update the trusted root certificates in their configuration (on prem or container) prior to November 19.
Users of IBM Verify mobile app on Android may need to download the latest version of the app.
Posted Oct 28, 2025 - 11:53 UTC
This scheduled maintenance affects: IBM Verify (Europe) (Authentication with Cloud Directory, Authentication with SAML Identity Provider, Authentication with IBMid for admin users, Authentication with External LDAP, User ID and password authentication from API, Single sign on for SAML applications, Single sign on for OIDC applications, Application Onboarding, Cloud Directory Users and Groups management, User and Group management with API client, Account Lifecycle), IBM Verify (US) (Authentication with Cloud Directory (Cluster A), Authentication with SAML Identity Provider (Cluster A), Authentication with IBMid for admin users (Cluster A), Authentication with External LDAP (Cluster A), User ID and password authentication from API (Cluster A), Single sign on for SAML applications (Cluster A), Single sign on for OIDC applications (Cluster A), Application Onboarding (Cluster A), Cloud Directory Users and Groups management (Cluster A), User and Group management with API client (Cluster A), Account Lifecycle (Cluster A), Authentication with Cloud Directory (Cluster B), Authentication with SAML Identity Provider (Cluster B), Authentication with IBMid for admin users (Cluster B), Authentication with External LDAP (Cluster B), User ID and password authentication from API (Cluster B), Single sign on for SAML applications (Cluster B), Single sign on for OIDC applications (Cluster B), Application Onboarding (Cluster B), Cloud Directory Users and Groups management (Cluster B), User and Group management with API client (Cluster B), Account Lifecycle (Cluster B), Authentication with Cloud Directory (Cluster C), Authentication with SAML Identity Provider (Cluster C), Authentication with IBMid for admin users (Cluster C), Authentication with External LDAP (Cluster C), User ID and password authentication from API (Cluster C), Single sign on for SAML applications (Cluster C), Single sign on for OIDC applications (Cluster C), Application Onboarding (Cluster C), Cloud Directory Users and Groups management (Cluster C), User and Group management with API client (Cluster C), Account Lifecycle (Cluster C), Authentication with Cloud Directory (Cluster E), Authentication with SAML Identity Provider (Cluster E), Authentication with IBMid for admin users (Cluster E), User ID and password authentication from API (Cluster E), Single sign on for SAML applications (Cluster E), Single sign on for OIDC applications (Cluster E), Application Onboarding (Cluster E), Cloud Directory Users and Groups management (Cluster E), Account Lifecycle (Cluster E), User and Group management with API client (Cluster E)), IBM Verify (Japan) (Authentication with Cloud Directory, Authentication with SAML Identity Provider, Authentication with IBMid for admin users, Authentication with External LDAP, User ID and password authentication from API, Single sign on for SAML applications, Single sign on for OIDC applications, Application Onboarding, Cloud Directory Users and Groups management, User and Group management with API client, Account Lifecycle), IBM Verify (Canada) (Authentication with Cloud Directory, Authentication with SAML Identity Provider, Authentication with IBMid for admin users, Authentication with External LDAP, User ID and password authentication from API, Single sign on for SAML applications, Single sign on for OIDC applications, Application Onboarding, Account Lifecycle), and IBM Verify (Australia) (Authentication with Cloud Directory, Authentication with SAML Identity Provider, Authentication with IBMid for admin users, User ID and password authentication from API, Single sign on for SAML applications, Application Onboarding, Cloud Directory Users and Groups management, User and Group management with API client, Single sign on for OIDC applications, Account Lifecycle).