I just wanted to verify if you need to use several UPNs and federate several domains with one ADFS server for Office 365, do you need an additional names for each on the cert as well as A record in external DNS to point to ADFS proxy?
I am reading that you only need one A record to point to the FQDN of your ADFS farm and just one name on the cert? Correct?
Also, on the cert, does the FQDN of the server farm needs to be common name or it can just be alternative name? So, if this can be an alternative name, then we can use the UCC cert, for example, from the Hybrid server, and just add adfs.domain.com as an alternative name? What is the best practice? Is it best to buy a separate certificate for ADFS server with common name as adfs.domain.com?
Thank you very much.