There are different ways to get this wrong.
The Problem
We need to change a TLS certificate that is used by ADFS to a new one.
The Solution
First of all, import your new TLS certificate and private key.
Open command prompt (CMD) as administrator and execute the following command (where lisenet.com.pfx is the file we want to import):
certutil -importpfx lisenet.com.pfx AT_KEYEXCHANGE
Make sure to provide the password used to protect the PFX file.
Open PowerShell as administrator and execute the following command:
Set-ADFSProperties -AutoCertificateRollover $false
Find the new certificate's thumbprint, see the image below for more info.
Set ADFS certificate using the thumbprint:
Set-AdfsSslCertificate -Thumbprint 881654f591f8bf73359524f46008e20509df08a5
Undo the earlier change by re-enabling automatic certificate rollover, then restart the ADFS service:
Set-ADFSProperties -AutoCertificateRollover $true
Restart-Service ADFSSRV
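The thumbprint lookup and a check of the result, as an added example that is not part of the original post. It assumes the certificate's subject or SAN contains lisenet.com (taken from the PFX file name above) and that the ADFS PowerShell module is available on the server.

```powershell
# Added example: checks to run around Set-AdfsSslCertificate.
# $DnsName is an assumption based on the PFX file name used on this page.
$DnsName = 'lisenet.com'

# Certificates in the computer's Personal store whose subject or SAN list
# mentions the name, latest expiry first.
$candidates = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object {
        $_.Subject -like "*$DnsName*" -or
        ($_.DnsNameList.Unicode -match [regex]::Escape($DnsName))
    } |
    Sort-Object NotAfter -Descending

$candidates |
    Format-Table Thumbprint, Subject, NotBefore, NotAfter, HasPrivateKey -AutoSize

$new = $candidates | Select-Object -First 1
if (-not $new) {
    throw "No certificate for $DnsName found in Cert:\LocalMachine\My"
}

# ADFS cannot serve TLS with a certificate that was imported without its key.
if (-not $new.HasPrivateKey) {
    throw "Certificate $($new.Thumbprint) has no private key; re-import the PFX"
}

# Refuse a certificate that is not yet valid or has already expired.
$now = Get-Date
if ($now -lt $new.NotBefore -or $now -gt $new.NotAfter) {
    throw "Certificate $($new.Thumbprint) is outside its validity period"
}

Write-Output "Thumbprint to pass to Set-AdfsSslCertificate: $($new.Thumbprint)"

# Compare every ADFS SSL binding with the chosen thumbprint.
# Before the change this lists the bindings still on the old certificate;
# after the change it should report none.
$stale = Get-AdfsSslCertificate |
    Where-Object { $_.CertificateHash -ne $new.Thumbprint }

if ($stale) {
    $stale | Format-Table HostName, PortNumber, CertificateHash -AutoSize
    Write-Warning 'Some ADFS SSL bindings use a different certificate.'
} else {
    Write-Output "All ADFS SSL bindings use $($new.Thumbprint)."
}
```

Run it once before Set-AdfsSslCertificate to pick the thumbprint and again after the service restart to confirm that no binding was left on the old certificate.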