How to change the certificate after the expiration of the AD FS 2.0 service communication certificate

To replace an existing AD FS 2.0 Server service certificate, follow these steps.

Installing the new certificate in the local computer certificate store

Install the new certificate into the local computer certificates. To do this, follow these steps:

  1. Click Start, and then click Run.
  2. Type MMC, and then press Enter.
  3. On the File menu, click Add/Remove Snap-in.
  4. In the Available snap-ins list, select Certificates, and then click Add. The Certificates Snap-in Wizard starts.
  5. Select Computer account, and then click Next.
  6. Select Local computer: (the computer this console is running on), and then click Finish.
  7. Click OK.
  8. Expand Console Root\Certificates (Local Computer)\Personal\Certificates.
  9. Right-click Certificates, click All Tasks and then click Import.
 

Adding private key permissions on the new certificate for the AD FS service account

Grant the AD FS service account permission to access the private key of the new certificate. To do this, follow these steps:

  1. With the local computer certificate store still open, select the certificate that was just imported.
  2. Right-click the certificate, click All Tasks, and then click Manage Private Keys.
  3. Add the account that is running the AD FS service, and then give the account at least Read permissions.

Note: If you do not have the option to manage private keys, you may have to run the following command:

certutil -repairstore my * 

 

Bind the new certificate to the AD FS website by using IIS Manager. To do this, follow these steps:
  1. Open the Internet Information Services (IIS) Manager snap-in.
  2. Browse to Default Web Site.
  3. Right-click Default Web Site, and then select Edit Bindings.
  4. Select HTTPS, and then click Edit.
  5. Select the correct certificate under the SSL certificate heading.
  6. Click OK, and then click Close.

 

Configure the AD FS Server service to use the new certificate. To do this, follow these steps:
  1. Open AD FS 2.0 Management.
  2. Browse to AD FS 2.0\Service\Certificates.
  3. Right-click Certificates, and then select Set Service Communications Certificate.
  4. Select the new certificate from the certificate selection UI.
  5. Click OK. 

Note: You may see a dialog box that contains the following message:

The certificate key length is less than 2048 bits. Certificates with key sizes less than 2048 bits might present a security risk and are not recommended. Do you want to continue?

After you read the message, click Yes. Another dialog box appears. It contains the following message:

Ensure that the private key for the chosen certificate is available to the service account for this Federation Service on each server in the farm.

This was already done in step 2, when the AD FS service account was given permissions to the private key. Click OK.
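
The checks behind the two dialog boxes above can be run as a script on each federation server before the certificate is set. The following PowerShell is an added example, not part of the original post. It assumes an RSA certificate whose private key is held by a CSP (so the key is a file under MachineKeys); the parameter names and the sample account name are illustrative.

```powershell
# Added example. Run in an elevated session; works on PowerShell 2.0 and later.
param(
    [Parameter(Mandatory=$true)][string]$Thumbprint,      # thumbprint of the new certificate
    [Parameter(Mandatory=$true)][string]$ServiceAccount   # e.g. 'CONTOSO\svc-adfs' (constructed name)
)

$clean = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpper()   # drop spaces and hidden characters
$cert  = Get-Item -Path "Cert:\LocalMachine\My\$clean" -ErrorAction Stop
$problems = @()

# Validity window of the replacement certificate
$now = Get-Date
if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
    $problems += "Outside validity period: $($cert.NotBefore) to $($cert.NotAfter)"
}

# Key length: AD FS shows its warning dialog below 2048 bits (RSA key assumed)
$bits = $cert.PublicKey.Key.KeySize
if ($bits -lt 2048) { $problems += "Key size is $bits bits (less than 2048)" }

# Locate the private key file; property access can throw for non-CSP keys
$keyFile = $null
try {
    $container = $cert.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName
    if ($container) {
        $keyFile = Join-Path $env:ProgramData "Microsoft\Crypto\RSA\MachineKeys\$container"
    }
} catch { }

if (-not $cert.HasPrivateKey -or -not $keyFile -or -not (Test-Path $keyFile)) {
    $problems += 'No CSP private key file found for this certificate in the machine key store'
} else {
    # Look for an explicit Allow ACE that includes Read for the service account.
    # Access granted only through group membership is not evaluated here.
    $sid   = (New-Object System.Security.Principal.NTAccount($ServiceAccount)).Translate([System.Security.Principal.SecurityIdentifier])
    $read  = [int][System.Security.AccessControl.FileSystemRights]::Read
    $rules = (Get-Acl -Path $keyFile).GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    $hit = $rules | Where-Object {
        $_.IdentityReference.Value -eq $sid.Value -and
        $_.AccessControlType -eq 'Allow' -and
        ([int]$_.FileSystemRights -band $read) -eq $read
    }
    if (-not $hit) { $problems += "No direct Allow/Read ACE for $ServiceAccount on the private key" }
}

if ($problems.Count -eq 0) { "OK: $($cert.Subject) [$clean] passed all checks" }
else { $problems | ForEach-Object { "PROBLEM: $_" } }
```

Run it on every server in the farm, because the private key permissions are set per machine.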

Posted: May 31, 2019,
Categories: Security,
Author: Urish Arora
Tags: AD FS 2.0