ADFS v 3.0. SSL Certificate Replaced. Old Certificate still shows on ADFS Website

Scenario

The SSL certificate you use for your ADFS v3 environment is due to expire. No problem, you go through the process of changing the Token-Decrypting, the Token-Signing and the Service Communications certificates. For good measure, the certificate on IIS is also updated.

The problem? Although these have been replaced, users who go to adfs.yourdomain.com still get a certificate error and are shown the old certificate.

Solution:

Run the command Get-AdfsSslCertificate and note the thumbprint it returns. Compare this against the certificates installed on the server. You will find that it is the old one.

Identify your new certificate and find its thumbprint. Now run Set-AdfsSslCertificate -Thumbprint %YourNewThumbprint%
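
The two steps above as one check-then-fix script (an added example, not part of the original post). It assumes an elevated PowerShell session on the ADFS server and that the new certificate is already installed in the computer's Personal store; $NewThumbprint holds a placeholder you replace with your own value.

```powershell
# Added example. Placeholder: paste the thumbprint of your replacement certificate.
$NewThumbprint = '<YourNewThumbprint>' -replace '\s', ''

# The replacement certificate must be in LocalMachine\My, have its private key
# on this server, and still be within its validity period.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $NewThumbprint }
if (-not $cert) { throw "Certificate $NewThumbprint not found in Cert:\LocalMachine\My" }
if (-not $cert.HasPrivateKey) { throw "Certificate has no private key on this server" }
if ($cert.NotAfter -le (Get-Date)) { throw "Certificate expired on $($cert.NotAfter)" }

# List the SSL bindings that still carry a different (old) certificate.
$stale = Get-AdfsSslCertificate |
    Where-Object { $_.CertificateHash -and $_.CertificateHash -ne $cert.Thumbprint }
$stale | Format-Table HostName, PortNumber, CertificateHash -AutoSize

if ($stale) {
    # Rebind the ADFS SSL endpoints to the new certificate.
    Set-AdfsSslCertificate -Thumbprint $cert.Thumbprint
    # Re-read the bindings to confirm the change took effect.
    Get-AdfsSslCertificate | Format-Table HostName, PortNumber, CertificateHash -AutoSize
} else {
    Write-Output "All ADFS SSL bindings already use $($cert.Thumbprint)"
}
```

On Windows Server 2012 R2 the SSL binding is set per server, so run this on each ADFS server in the farm.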

More information:
https://technet.microsoft.com/en-us/library/dn479374.aspx
