Tuesday, August 29, 2017

ADFS: Issue with updating the SSL certificate

Using ADFS 4.0 and updating the SSL certificate.

This is on an Azure VM and I was accessing it remotely.

Ran the normal commands:

Set-AdfsCertificate -CertificateType Service-Communications -Thumbprint thumbprint

Set-AdfsSslCertificate -Thumbprint thumbprint

Error:

Set-AdfsSslCertificate -Thumbprint 24f...b35

Set-AdfsSslCertificate : PS0319: Validation task 'Test-_InternalAdfsSslCertificate' on AD FS server 'localhost' failed with error 'Connecting to remote server localhost failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig".

As per the message, running:

winrm qc

and then re-running the command fixed the problem.

Enjoy!
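The PS0319 error above shows that Set-AdfsSslCertificate validates over WS-Management against localhost, so the WinRM state can be checked before the rotation instead of after it fails. The script below is an added example, not part of the original post; `$Thumbprint` is a placeholder for the new certificate's thumbprint, and the script assumes it is run elevated on the AD FS server.

```powershell
# Added example: pre-flight checks before rotating the AD FS SSL certificate.
# $Thumbprint is a placeholder; supply the thumbprint of the new certificate.
param(
    [Parameter(Mandatory)] [string] $Thumbprint
)

$ErrorActionPreference = 'Stop'

# 1. The certificate must be in the machine store, unexpired, with its private key.
$cert = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $Thumbprint }
if (-not $cert) { throw "Certificate $Thumbprint not found in Cert:\LocalMachine\My" }
if (-not $cert.HasPrivateKey) { throw "Certificate $Thumbprint has no private key" }
if ($cert.NotAfter -lt (Get-Date)) { throw "Certificate $Thumbprint expired on $($cert.NotAfter)" }

# 2. The validation task connects to localhost over WS-Management, so WinRM
#    must be running and answering (the cause of PS0319 in the post).
$winrm = Get-Service -Name WinRM
if ($winrm.Status -ne 'Running') {
    Write-Warning "WinRM service is $($winrm.Status); starting it"
    Start-Service -Name WinRM
}
try {
    Test-WSMan -ComputerName localhost | Out-Null
} catch {
    # No usable listener. 'winrm quickconfig' creates an HTTP listener and
    # a firewall exception; review both afterwards on an exposed VM.
    throw "WinRM is not answering on localhost: $($_.Exception.Message)"
}

# 3. Rotate the certificate with the two commands from the post.
Set-AdfsCertificate -CertificateType Service-Communications -Thumbprint $Thumbprint
Set-AdfsSslCertificate -Thumbprint $Thumbprint

# 4. Confirm every SSL binding now carries the new thumbprint.
$stale = Get-AdfsSslCertificate | Where-Object { $_.CertificateHash -ne $Thumbprint }
if ($stale) {
    $stale | Format-Table HostName, PortNumber, CertificateHash
    throw "Some AD FS SSL bindings still use the old certificate"
}
Write-Output "AD FS SSL bindings updated to $Thumbprint"
```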

2 comments:

Anonymous said...

It doesn't work for me, as I don't run this command remotely.

https://social.technet.microsoft.com/Forums/windowsserver/en-US/b713e5c6-b9a7-4923-9dc4-fd95e7f3ae0b/adfs-2016-after-ssl-communication-certificate-renewal-quotpage-cant-be-displayedquot?forum=ADFS

Anonymous said...

Not for us either. In case you haven't already found it. Removing the service account from being on the SPN, updating the cert then re-adding it does the trick.

https://community.spiceworks.com/topic/2202908-adfs-4-0-and-powershell-issue-with-set-adfssslcertificate