Link to home
Start Free TrialLog in
Avatar of curious7
curious7

asked on

Steps involved in ADFS certificate replacement

I have to replace the ADFS certificate on the server. How can I determine all the servers involved in ADFS.
I plan to use the following method:-
1. Import the new certificate into the server certificate store.
2. From the ADFS management console set services communications certificate and select the new certificate. Do the same for token signing. Restart ADFS service.
3. Run following command with the thumbprint of new cert:
Set-AdfsSslCertificate –Thumbprint xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
4. On the ADFS WAP server run following commands for the new cert thumbprint:-
Set-WebApplicationProxySslCertificate –Thumbprint xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Set-WebApplicationProxyApplication –ExternalCertificateThumbprint xxxxxxxxxxxxxxxxxxxxxxxxxx

Do we need to do something from the vendor side who use ADFS for sso?
And any other step to think of?
And if ADFS is used for Office 365 then are there more steps to follow?
ASKER CERTIFIED SOLUTION
Avatar of Kesavan Jeganarayanan
Kesavan Jeganarayanan
Flag of Singapore image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial