Monsieur Winner

MS D365FO || Monsieur D365FO

Technical

Rotate ADFS certificate on D365FO on-premises

While planning for a D365FO on-premises deployment, Authentication a very key, as this enables users to communicate across Microsoft products. One of these authentication methods is the Active Directory Federation Services (AD FS).

AD FS is the authentication method used in an on-premises deployment. AD FS provides access control and single sign-on across a wide variety of applications including Microsoft 365, cloud-based SaaS applications, and applications on the corporate network.

When the ADFS certificate expires, we can generate a new one that will last for a year.

 

New-SelfSignedCertificate -CertStoreLocation "cert:\CurrentUser\My" -DnsName "adfs.contoso.com" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -Subject "adfs.contoso.com"

Get the certificate Thumbprint and run the following to set the certificate.

Set-ADFSSslCertificate -Thumbprint 'XXXX27ABA9C9FF4B669E708C105CFDXXXXX'

and make sure you install your AD FS SSL certificate to the Trusted Root Certification Authorities store(Local machine) on the AOS machine(s).

 

The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

I faced the above error which took over 24 hours just because the ADFS certificate was not set.

 

admin

Komi Siabi is a Bilingual D365FO Solution architect who loves sharing his knowledge as he works on Both Francophone and Anglophone projects around the globe. He enjoys doing some tiktok videos in his leisure time.

0 thoughts on “Rotate ADFS certificate on D365FO on-premises

  • Your comment is awaiting moderation.

    The articles you write help me a lot and I like the topic

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *