Thursday 21 January 2021

Replace ADFS Service Communication SSL Certificate ADFS 3.0

  1. Log on to the AD FS server and, from the Certificates MMC snap-in, import the new certificate into the server's Personal certificate store. Right click the Certificates item and select All Tasks > Import. Import your PFX bundle.
  2. Right click the new certificate and select All Tasks > Manage Private Keys. Assign read permission to the service account used to run the AD FS service and click OK.
  3. Launch the AD FS Management Console, expand the Service menu in the left pane and click Certificates. Click the link Set Service Communications Certificate to set the new certificate. Select the valid certificate and click OK. Click OK to close the message. The certificate under Service communications has been updated.
  4. Right click the newly imported SSL certificate and select Open. Select the Details tab, find the Thumbprint for the new certificate and copy it, removing any spaces. From PowerShell run the command Set-AdfsSslCertificate -Thumbprint <ThumbprintID>
  5. Restart the ADFS service on the server

Update the Web Application Proxy Server

  1. Log on to the WAP server and import the new certificate as per the above steps
  2. Open PowerShell and run the command Set-WebApplicationProxySslCertificate -Thumbprint <ThumbprintID>
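
The PowerShell part of both procedures (AD FS step 4 and 5, WAP step 2) with pre-flight checks on the certificate, as an added example that is not part of the original post. The script parameters $RawThumbprint and $Role are names chosen for this example; it assumes the PFX import and private key permissions from the earlier steps are already done and that the AD FS Windows service has its default name, adfssrv.

```powershell
# Added example, not from the original post. Run elevated on the AD FS or WAP server.
param(
    # Thumbprint exactly as copied from the certificate Details tab (assumed parameter name)
    [Parameter(Mandatory)][string]$RawThumbprint,
    # Which server this is being run on (assumed parameter name)
    [ValidateSet('ADFS', 'WAP')][string]$Role = 'ADFS'
)

# Keep only hex digits. This removes the spaces and also the invisible
# left-to-right mark (U+200E) that the certificate dialog can put in front
# of a copied thumbprint, which otherwise makes the lookup fail.
$thumb = ($RawThumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
if ($thumb.Length -ne 40) {
    throw "Expected a 40-character SHA-1 thumbprint, got $($thumb.Length) characters."
}

# The certificate must already be in the machine's Personal store (step 1).
$cert = Get-Item -Path "Cert:\LocalMachine\My\$thumb" -ErrorAction Stop

# Refuse to bind a certificate that cannot work: no private key, or outside validity.
if (-not $cert.HasPrivateKey) {
    throw "Certificate $thumb has no private key; re-import the PFX bundle."
}
$now = Get-Date
if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
    throw "Certificate $thumb is not valid now ($($cert.NotBefore) to $($cert.NotAfter))."
}

if ($Role -eq 'ADFS') {
    Set-AdfsSslCertificate -Thumbprint $thumb
    Restart-Service -Name adfssrv

    # Confirm every SSL binding now reports the new certificate.
    Get-AdfsSslCertificate | ForEach-Object {
        if ($_.CertificateHash -ne $thumb) {
            Write-Warning "$($_.HostName):$($_.PortNumber) is still bound to $($_.CertificateHash)"
        }
    }
}
else {
    Set-WebApplicationProxySslCertificate -Thumbprint $thumb
}

Write-Output "Bound $($cert.Subject), expires $($cert.NotAfter)"
```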
