Steps involved in ADFS certificate replacement

curious7 asked on
Microsoft Office, Microsoft 365, Active Directory Federation Services (ADFS)
I have to replace the ADFS certificate on the server. How can I determine all the servers involved in ADFS?
I plan to use the following method:
1. Import the new certificate into the server certificate store.
2. From the ADFS management console, set the service communications certificate and select the new certificate. Do the same for token signing. Restart the ADFS service.
3. Run the following command with the thumbprint of the new cert:
Set-AdfsSslCertificate -Thumbprint xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
4. On the ADFS WAP server, run the following commands for the new cert thumbprint:
Set-WebApplicationProxySslCertificate -Thumbprint xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Set-WebApplicationProxyApplication -ExternalCertificateThumbprint xxxxxxxxxxxxxxxxxxxxxxxxxx

Do we need to do something from the vendor side who use ADFS for SSO?
And any other step to think of?
And if ADFS is used for Office 365 then are there more steps to follow?
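
A read-only check for the plan above, as an added example that is not part of the original post or of any answer: it normalizes a pasted thumbprint and reports whether the certificate store, the ADFS configuration and the WAP bindings all reference it. `ConvertTo-CleanThumbprint` and `Test-CertificateCutover` are hypothetical helper names, and the sample thumbprint is constructed.

```powershell
# Added example (not from the original post). Run elevated on each ADFS / WAP server.
function ConvertTo-CleanThumbprint {
    param([Parameter(Mandatory)][string]$Thumbprint)
    # Thumbprints pasted from the certificate dialog can carry spaces or an
    # invisible U+200E character; keep only the hex digits.
    $clean = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
    if ($clean.Length -ne 40) { throw "Expected 40 hex characters, got $($clean.Length)." }
    $clean
}

function Test-CertificateCutover {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$Thumbprint)
    $tp  = ConvertTo-CleanThumbprint $Thumbprint
    $now = Get-Date
    $r   = [ordered]@{ Server = $env:COMPUTERNAME; Thumbprint = $tp }

    # Step 1: the certificate is in the machine store with its private key and is in date.
    $cert = Get-ChildItem Cert:\LocalMachine\My | Where-Object Thumbprint -eq $tp
    $r.InStore       = [bool]$cert
    $r.HasPrivateKey = [bool]($cert -and $cert.HasPrivateKey)
    $r.InDate        = [bool]($cert -and $cert.NotBefore -le $now -and $cert.NotAfter -gt $now)

    # Steps 2-3 (ADFS server): configuration and SSL bindings report the new thumbprint.
    if (Get-Command Get-AdfsCertificate -ErrorAction SilentlyContinue) {
        $r.ServiceCommunications = (Get-AdfsCertificate -CertificateType Service-Communications).Thumbprint -contains $tp
        $r.TokenSigningPrimary   = (Get-AdfsCertificate -CertificateType Token-Signing |
                                    Where-Object IsPrimary).Thumbprint -contains $tp
        $r.AdfsBindingsNotOnNewCert = @(Get-AdfsSslCertificate |
                                        Where-Object CertificateHash -ne $tp).Count
    }

    # Step 4 (WAP server): proxy SSL bindings and published applications.
    if (Get-Command Get-WebApplicationProxyApplication -ErrorAction SilentlyContinue) {
        $r.WapBindingsNotOnNewCert = @(Get-WebApplicationProxySslCertificate |
                                       Where-Object CertificateHash -ne $tp).Count
        $r.WapAppsNotOnNewCert     = @(Get-WebApplicationProxyApplication |
                                       Where-Object ExternalCertificateThumbprint -ne $tp).Count
    }
    [pscustomobject]$r
}

# Constructed sample value: a made-up thumbprint with a hidden character and a space.
$pasted = "$([char]0x200E)0123456789abcdef0123 456789abcdef01234567"
Test-CertificateCutover -Thumbprint $pasted
```

Any `False` flag or non-zero `...NotOnNewCert` count marks a component that still points at a different certificate.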