- Snapshot/backup your ADFS and ADFS Proxy servers.
- Import the new certificate into the Personal store on all servers; in my case I am using a wildcard certificate obtained from GoDaddy. *Details can be found here.
- Open Windows PowerShell.
- Get new certificate thumbprint by running the command:
*If you are not sure which thumbprint belongs to your new certificate, open the .crt file. On the Details page, scroll all the way down and view the thumbprint.
- Run the following PowerShell commands on the primary ADFS server:
Set-AdfsCertificate -CertificateType Service-Communications -Thumbprint <yourThumbprint>
Set-AdfsSslCertificate -Thumbprint <yourThumbprint>
- On the Web Application Proxy servers, run:
Set-WebApplicationProxySslCertificate -Thumbprint <yourThumbprint>
- Restart ADFS services or server on all servers.
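A pre-flight check wrapped around the commands above, as an added example that is not part of the original post: it confirms the thumbprint points at a usable certificate in the Personal store before anything is bound. The script and its `-Thumbprint` and `-Apply` parameters are assumptions of this example.

```powershell
# Added example (not the author's script). Validates the new certificate first;
# only with -Apply does it run the page's Set-* commands.
param(
    [Parameter(Mandatory)] [string] $Thumbprint,   # paste your own value
    [switch] $Apply
)

# A thumbprint copied from the certificate dialog can carry spaces or an
# invisible leading character, so keep the hex digits only.
$tp = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpper()
if ($tp.Length -ne 40) {
    throw "Expected a 40-character SHA-1 thumbprint, got $($tp.Length) characters."
}

# The certificate must sit in the machine's Personal store with its private key.
$cert = Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object Thumbprint -eq $tp
if (-not $cert) { throw "Certificate $tp is not in Cert:\LocalMachine\My." }
if (-not $cert.HasPrivateKey) { throw "Certificate $tp has no private key on this server." }

# Refuse a certificate that is not yet valid or already expired.
$now = Get-Date
if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
    throw "Certificate $tp is outside its validity period ($($cert.NotBefore) to $($cert.NotAfter))."
}

# Show what is about to be bound so the names can be checked by eye.
$cert | Format-List Subject, DnsNameList, NotBefore, NotAfter, Thumbprint

if (-not $Apply) {
    Write-Host 'Validation passed. Re-run with -Apply to set the certificate.'
    return
}

if (Get-Command Set-AdfsSslCertificate -ErrorAction SilentlyContinue) {
    # ADFS server: run this on the primary, as the steps above say.
    Set-AdfsCertificate -CertificateType Service-Communications -Thumbprint $tp
    Set-AdfsSslCertificate -Thumbprint $tp
    Get-AdfsSslCertificate          # confirm the new binding
}
elseif (Get-Command Set-WebApplicationProxySslCertificate -ErrorAction SilentlyContinue) {
    # Web Application Proxy server.
    Set-WebApplicationProxySslCertificate -Thumbprint $tp
    Get-WebApplicationProxySslCertificate
}
else {
    throw 'Neither the ADFS nor the Web Application Proxy cmdlets are available on this server.'
}
```

Run it without `-Apply` on every server after importing the certificate; a failure there means the import step needs repeating on that server before the services are restarted.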