ADFS Changing certificate and ADFS servers

This short script points SharePoint at the new ADFS server and replaces the certificate from your current ADFS with the one from the new server. I used this script to change ADFS 2.0 to ADFS 4.0.

One important note!

You will need to run New-SPTrustedRootAuthority for the certificate of the authority that issued the ADFS certificate; otherwise you will get the error that the root authority is not trusted.

# Load the issuing authority's certificate and register it as a trusted root in SharePoint
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\yourpath\Authcertificate.cer")
New-SPTrustedRootAuthority -Name "ADFS4.0Auth" -Certificate $cert

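clear
# Load the new ADFS token-signing certificate and register it as trusted
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\your token provider certificate path")
New-SPTrustedRootAuthority -Name "ADFS4" -Certificate $cert
# Assumes the farm has exactly one trusted identity token issuer; with several, pick one with -Identity
$ti = Get-SPTrustedIdentityTokenIssuer
# Point the issuer at the new ADFS sign-in endpoint and swap in the new signing certificate
$ti.ProviderUri = 'https://youradfs domain/adfs/ls/'
$ti.SigningCertificate = $cert
$ti.Update()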
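
A pre-flight check you can run before the script above, added here as an example and not part of the original script: it confirms the new certificate is inside its validity period, lists every certificate in its chain with whether SharePoint already trusts it, and records the issuer's current settings for rollback. It assumes the SharePoint Management Shell on a farm server; the path is the same placeholder used above.

```powershell
# Added example: verify the new ADFS signing certificate before switching the issuer.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$signingPath = "C:\your token provider certificate path"   # placeholder, as in the post
$newCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($signingPath)

# 1. Refuse a certificate that is not yet valid or already expired.
$now = Get-Date
if ($now -lt $newCert.NotBefore -or $now -gt $newCert.NotAfter) {
    throw "Certificate $($newCert.Thumbprint) is outside its validity period ($($newCert.NotBefore) - $($newCert.NotAfter))."
}

# 2. Build the chain from the local Windows certificate stores.
#    Revocation is not checked here; this step only discovers the chain members.
#    A self-signed ADFS signing certificate yields a chain of one element (itself).
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
[void]$chain.Build($newCert)

# 3. Thumbprints SharePoint already trusts (its own store, separate from Windows).
$trusted = @(Get-SPTrustedRootAuthority | ForEach-Object { $_.Certificate.Thumbprint })

# 4. Report each chain member; anything with TrustedBySharePoint = False
#    still needs New-SPTrustedRootAuthority.
$report = foreach ($element in $chain.ChainElements) {
    $c = $element.Certificate
    New-Object PSObject -Property @{
        Subject             = $c.Subject
        Thumbprint          = $c.Thumbprint
        NotAfter            = $c.NotAfter
        TrustedBySharePoint = ($trusted -contains $c.Thumbprint)
    }
}
$report | Format-Table Subject, Thumbprint, NotAfter, TrustedBySharePoint -AutoSize

# 5. Record what is configured now so the change can be rolled back.
Get-SPTrustedIdentityTokenIssuer |
    Select-Object Name, ProviderUri,
        @{ Name = 'CurrentThumbprint'; Expression = { $_.SigningCertificate.Thumbprint } },
        @{ Name = 'CurrentNotAfter';   Expression = { $_.SigningCertificate.NotAfter } } |
    Format-List
```

If the issuing certificate is not present in the local Windows stores, the chain will show only the signing certificate itself, so compare the output against the certificate's Issuer field.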
