BrokeBerry

Attack Computer Wiz

A Security & Technology Weblog

Without IIS it is not as straight forward as one would like, but it is still pretty simple with this walk through.

  1. Launch "MMC" and add the Certificates Snap-in specifying "Local Computer".
  2. Open the "Personal > Certificates" and right click your existing certificate, choose "Delete from the options.
  3. Right click any open space where your old certificate was and choose "Import".
  4. Navigate to your new certificate, specify the certificate password and continue through the prompts.
  5. Once you see the new certificate in the MMC, double click it and choose the "Details" tab. Scroll down to "Thumb Print" and click it one time. You will see a series of letters and numbers in the bottom window. Copy those numbers and paste them into a blank Notepad document. Move Notepad aside but do not close it.
  6. Close the Certificates MMC.
  7. Open AD FS Management and navigate to AD FS > Service > Certificates.
  8. On the right side, click "Set Service Communications Certificate" and chose your new certificate.
  9. Close AD FS Management.
  10. Back to NotePad, Delete all the spaces from your pasted text. 
  11. Copy the thumb print (CTRL+C).
  12. Launch PowerShell as Administrator.
  13. In Powershell, type: Set-AdfsSslCertificate
  14. When prompted for the Thumb Print, press CTRL+V to paste your certificate thumb print into PowerShell and press enter.
  15. Close PowerShell.
  16. Open Services and restart the ADFS Service.
  17. Launch your ADFS portal and confirm your new certificate is being used.

Thanks for reading, I hope this helped!

user Posted by John "Mike" Wright

| More

0 comments

Post a Comment