AD FS Certificate question
Posted on 2015-01-03
I am running ADFS, I have an ADFS Proxy and I have Office 365.
Simply put, my certificates have expired. I am not an ADFS expert, but it is left to me to resolve, so I need some assistance. The cert was automatically renewed at GoDaddy. I downloaded the cert to the primary ADFS server and I have updated the Service Communication Certificate in ADFS Manager. I restarted the server, and I can see that a separate certificate has been added under token signing that relates to the new certificate I have installed; however, it is set to Secondary and the option to set it to Primary is greyed out.
Also, the Token Decrypt cert is set to an old certificate. I have automatic certificate renewal set to true and I believe that this decrypting cert will also renew with time, but I am not sure. I do not have the ability to auto add a cert due to this feature being enabled; that said, I am running Server 2012. Is this the case? Will the decrypt certificate automatically add? Also, I need to set the secondary Token Signing certificate to Primary; as I stated, it is greyed out. I read something about a grace period whereby it will automatically set itself to Primary in about 5 days, but this is no good for me if we have no service. Is there a way around it, bearing in mind the old certificate is now expired?