<div>
Thanks Adam, 
 
We'll only use the sts.company.com URL for all users to access globally. 
We'll be using a public premium EV SSL certificate for service communications. 
We'll use the self-signed certificates for token-signing/token-decryption and probably increase the lifetime to 3 years (or length of initial SaaS contract).
</div>

Thanks Adam,

We'll only use the sts.company.com URL for all users to access globally.
We'll be using a public premium EV SSL certificate for service communications.
We'll use the self-signed certificates for token-signing/token-decryption and probably increase the lifetime to 3 years (or length of initial SaaS contract).

<div>
<div class="content wysiwyg-content">
Hi, 
 
We are implementing a new AD FS solution. 
 
A questions I have around the SSL cert is: 
We have our main (internal) AD domain: 
company.net 
We also have subdomains: 
usa.company.net 
china.company.net 
india.company.net 
 
However, our users have e-mail addresses relating to their business rather than domain so email addresses will be: 
user@businessa.com 
user@businessb.com 
user@businessc.com 
user@businessd.com 
user@businesse.com 
 
The SSL certificate will be: sts.company.com (an external domain name) 
Do I need to include any information relating to any of the above? 
 
I'm thinking more around UPN/SAN information for the certificate. 
 
Thanks, 
Andy
</div>
</div>

Hi,

We are implementing a new AD FS solution.

A questions I have around the SSL cert is:
We have our main (internal) AD domain:
company.net
We also have subdomains:
usa.company.net
china.company.net
india.company.net

However, our users have e-mail addresses relating to their business rather than domain so email addresses will be:
user@businessa.com
user@businessb.com
user@businessc.com
user@businessd.com
user@businesse.com

The SSL certificate will be: sts.company.com (an external domain name)
Do I need to include any information relating to any of the above?

I'm thinking more around UPN/SAN information for the certificate.

Thanks,
Andy

ADFS Queries

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.