function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

Sandbox refresh removes/deletes paid/signed CA certificates

HI there,


We have built an integration to a 3rd party system using HTTPs.  This integration requires CA signed certificates (cannot use self-signed certificates from Salesforce).  Everything is working well, except that Salesforce deletes all CA signed certificates on every full sandbox refresh, which means that we will have to spend hundreds of dollars to generate a new CSR from Salesforce and have the CA sign them every time we do a refresh of the data.  This can get very expensive in the long run if we are to maintain this test/QA/sandbox environment.  Is there a workaround to this?





a sandbox refresh covers everything in the org.  there's no workaround for persisting data there, so the only suggestion we'd be able to give is to log something on the IdeaExchange.  It makes perfect sense for something like this to persist, so maybe they will consider natively supporting it.


that said, in my past experience, SF doesn't really care about the customizable SSL-related bits in Sandbox environments.  You may want to pursue using a developer edition org for that specific piece of your testing environment instead.




A sandbox "refresh" creates a completely new copy of your production organization, with a brand new Organization ID. Nothing from your old sandbox is used to create the new sandbox.  The only continuity between an old sandbox and the refresh that replaces it is the sandbox name (although you have the option of changing the name when you initiate the refresh) and the sandbox license consumed.


If you would like some information to be copied from your old sandbox to the new one as part of a refresh, please share your ideas on IdeaExchange--and be sure to promote any existing ideas you would find valuable as well.



Jon Product Manager


for that purpose, wouldn't it help if sfdc allowed import and export of the private key?

Hello All,
Salesforce has got this delivered.
Please visit.

Rohit Alladi