We help IT Professionals succeed at work.

Generate SSL CSR for ADFS

understand how ADFS & Web Proxy servers work. I'm having an issue getting a standard SSL issued to work for the configuration of the ADFS and then the Web Proxy. I'm assuming I need to generate a CSR from the ADFS server at
a minimum of 2048.

How do I generate the CSR for the ADFS domain ss0.contoso.org?
Comment
Watch Question

David FavorFractional CTO
Distinguished Expert 2019

Commented:
Best provide...

1) flow chart of your device chain

2) how exactly you generated your CSR + cert

3) where exactly you've setup your cert (device in chain)

4) exact error you're seeing

5) before any of this will work, you must fix ss0.contoso.org where it resolves publicly, as currently this host returns no IP.

Note: SSL certs pin to hostnames returning IPs. You must fix #5 before you can make any progress.... unless all this is a Private CA setup, which will always cause you problem. Based on your description above, you must use a host that resolves + a cert generated with a public issuance chain.

https://LetsEncrypt.org provides free certs, SNI + Wildcard.
KylevCIO

Author

Commented:
@David

The question is how to generate the CSR from the ADFS server to generate the SSL. The SSL is already purchased but I need to rekey it with an Exportable Private Key.
Architect
Distinguished Expert 2019
Commented:
You can generate csr with custom request on adds server
OR
Contact your ssl vendor, he can guide you to get standard ssl certificate with required common name
There are posts available on net how to generate adfs cert requests if wanted to
MaheshArchitect
Distinguished Expert 2019

Commented:
I mean adfs
Its typo above