Hi All,
Apologies I couldn't find the suitable place for AD FS. Our AD FS token signing certificate will expire in about 6 weeks and we're looking at extending this to 3 years. I would like to run my understanding of the whole process with someone with experience in this.
Here's what I think the process is;
- run a command to extend the certificate duration to 3 years
- token signing certificate will renew itself, new certificate will have a 3 years duration
- new certificate is sent to third parties, eg. Microsoft, Yammer, etc.
I also want to confirm that the command to extend the duration will need to be run very soon before new certificate gets issued by the server. I know that all this can be run manually and forcefully, but I don't want to disable the auto rollover.
Thanks.