ADFS v 3.0. SSL Certificate Replaced. Old Certificate still shows on ADFS Website


The SSL certificate you use for your ADFS v3 environment is due to expire. No problem, you go through the process of changing the Token-Decrypting, the Token-Signing and the Service Communications certificates. For good measure, the certificate on IIS is also updated.

The problem? You find that although these have been replaced, when users go to the ADFS website, they still get a certificate error and are shown the old certificate.


Run the command Get-AdfsSslCertificate and note the thumbprint. Compare this against your existing certificates. You will find that it is the old one.

Identify your new certificate and find its thumbprint. Now run Set-AdfsSslCertificate -Thumbprint %YourNewThumbprint%
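The check and fix above as one script. This is an added example, not part of the original post. It assumes the new certificate is the one already set as the Service Communications certificate and that it sits in the LocalMachine\My store; run it in an elevated PowerShell session on the ADFS server.

```powershell
# Added example: find SSL bindings still on the old certificate and rebind them.
Import-Module ADFS

# Assumption: the Service Communications certificate has already been replaced,
# so its thumbprint is the one the SSL binding should carry.
$service = Get-AdfsCertificate -CertificateType Service-Communications |
    Select-Object -First 1
$newThumbprint = $service.Thumbprint

# Sanity-check the new certificate before binding it.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $newThumbprint }
if (-not $cert) {
    throw "Certificate $newThumbprint is not in Cert:\LocalMachine\My"
}
if (-not $cert.HasPrivateKey) {
    throw "Certificate $newThumbprint has no private key on this server"
}
$now = Get-Date
if ($cert.NotBefore -gt $now -or $cert.NotAfter -lt $now) {
    throw "Certificate $newThumbprint is outside its validity period"
}

# Bindings whose thumbprint differs from the new one are the stale ones.
$stale = Get-AdfsSslCertificate |
    Where-Object { $_.CertificateHash -ne $newThumbprint }

if ($stale) {
    Write-Output "Bindings still using a different certificate:"
    $stale | Format-Table HostName, PortNumber, CertificateHash -AutoSize

    Set-AdfsSslCertificate -Thumbprint $newThumbprint

    Write-Output "Bindings after the change:"
    Get-AdfsSslCertificate |
        Format-Table HostName, PortNumber, CertificateHash -AutoSize
} else {
    Write-Output "All ADFS SSL bindings already use $newThumbprint"
}
```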
