ProjNet
asked on
AD FS Certificate question
I am running ADFS, I have an ADFS Proxy and I have Office 365.
Simply put, my certificates have expired. I am not an ADFS expert but it is left to me to resolve, so I need some assistance. The cert was automatically renewed at GoDaddy. I downloaded the cert to the primary ADFS Server and I have updated the Service Communication Certificate in ADFS Manager. I restarted the server, and I can see that a separate certificate has been added under token signing that relates to the new certificate I have installed; however, it is set to Secondary and the option to set it to primary is greyed out.
Also, the Token Decrypt cert is set to an old certificate. I have automatic certificate renewal set to true and I believe that this decrypting cert will also renew with time, but I am not sure. I do not have the ability to auto add a cert due to this feature being enabled; that said, I am running Server 2012. Is this the case? Will the decrypt certificate automatically add? Also, I need to set the secondary Token Signing certificate to Primary; as I stated, it is greyed out. I read something about a grace period whereby it will automatically set itself to primary in about 5 days, but this is no good for me if we have no service. Is there a way around it, bearing in mind the old certificate is now expired?
ASKER
Thanks, we went through it all
Step-by-Step ADFS Certificates
Will.