one of your on-premises federation service certification is expiring update now
We are getting the pop when logging to O365 portal. The AutoCertificateRollover property is set to TRUE in ADFS server.
Please let me know if we need to update the certificate manually or it will be taken care by itself.
The popup usually shows up several weeks in advance (60 days if I remember correctly), so you have plenty of time to plan. In your case, auto-certificate rollover will take care of replacing the cert. In case you are not using the same cert as the SSL communications cert, your only job is to make sure the metadata is updated after the change happens. You can automate this part by settings up a scheduled task as detailed here: https://gallery.technet.microsoft.com/scriptcenter/Office-365-Federation-27410bdc
If you are using the same cert as token signing and SSL comm, you need to plan for replacing it on the AD FS server, Proxy/WAP servers any LBs, etc. Here are the relevant articles:
In my case the AutoCertificateRollover is True, so will it take care of the replacement of cert. If so how many days before the expiry date certificate is updated.
Also how do I know if my server is ADFS 2.x or 3.0.
If you are using the same cert as token signing and SSL comm, you need to plan for replacing it on the AD FS server, Proxy/WAP servers any LBs, etc. Here are the relevant articles:
for AD FS 2.0/2.1 http://social.technet.microsoft.com/wiki/contents/articles/2554.ad-fs-how-to-replace-the-ssl-service-communications-token-signing-and-token-decrypting-certificates.aspx
for AD FS 3.0 http://blogs.technet.com/b/tune_in_to_windows_intune/archive/2013/11/13/replace-certificates-on-adfs-3-0.aspx