JesusFreak42
asked on
Replacing SSL Certificate for Single Sign on in Office 365 on Windows Server 2012
Hello,
Our SSL certificate for Our federated services is expiring. We are no longer using the company whom we used when this was first setup, so we cannot renew the certificate but are going to be putting in a new one. I have found this article on the initial configuration:
http://blogs.technet.com/b/canitpro/archive/2013/06/13/step-by-step-setting-up-ad-fs-and-enabling-single-sign-on-to-office-365.aspx
However, I still have some questions, since this article is about initial setup, not replacing the cert:
1) First, is this article correct?
2) Second, do we need to undo the federation with MS 365 before doing this since it is a brand new cert from GoDaddy?
3) Is the process of getting the CSR done on the Proxy or the FS itself?
Our SSL certificate for Our federated services is expiring. We are no longer using the company whom we used when this was first setup, so we cannot renew the certificate but are going to be putting in a new one. I have found this article on the initial configuration:
http://blogs.technet.com/b/canitpro/archive/2013/06/13/step-by-step-setting-up-ad-fs-and-enabling-single-sign-on-to-office-365.aspx
However, I still have some questions, since this article is about initial setup, not replacing the cert:
1) First, is this article correct?
2) Second, do we need to undo the federation with MS 365 before doing this since it is a brand new cert from GoDaddy?
3) Is the process of getting the CSR done on the Proxy or the FS itself?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Just open the GoDaddy help page and make your pick: https://support.godaddy.com/help/article/5343/generating-a-certificate-signing-request
ASKER
Ok. So to be thorough I am going to list out the steps briefly:
1) Generate the Certificate Request (On the ADFS or Proxy) and then upload it to GoDaddy.
2) Import the Certificate onto the ADFS 2.1 server as described in the first part of the article.
3) Check for Auto Certificate Rollover, and then we are done
So, two more questions:
1) Where do I find the URL in the CURRENT certificate
2) If Auto Certificate Rollover is not enabled, how do I enable it?
1) Generate the Certificate Request (On the ADFS or Proxy) and then upload it to GoDaddy.
2) Import the Certificate onto the ADFS 2.1 server as described in the first part of the article.
3) Check for Auto Certificate Rollover, and then we are done
So, two more questions:
1) Where do I find the URL in the CURRENT certificate
2) If Auto Certificate Rollover is not enabled, how do I enable it?
1) What URL are you referring to? The domain name should be in the subject if that's what you mean
2) it's the last link in the article: http://social.technet.microsoft.com/wiki/contents/articles/1424.ad-fs-2-0-how-to-enable-and-immediately-use-autocertificaterollover.aspx
2) it's the last link in the article: http://social.technet.microsoft.com/wiki/contents/articles/1424.ad-fs-2-0-how-to-enable-and-immediately-use-autocertificaterollover.aspx
ASKER