The following forum(s) have migrated to Microsoft Q&A: All English Windows Server forums!
Visit Microsoft Q&A to post new questions.

Learn More

Remove From My Forums

ADFS Certificatation

Question
0

Sign in to vote

Hello All,

there is a WAP server and ADFS server on my network and will create federation with office 365.

Our netwrok team do SSL ofloading on F5 firewall and dont want to share SSL cerfificate with private key.

does ADFS supoort SSL ofloading ?

can i use internal certificates which i wll create on local CA for ADFS and WAP ?

thank you

Wednesday, November 15, 2017 12:44 PM

All replies

0

Sign in to vote

When federating with Office 365, there is no need to share any private key. Actually, you should never share a private key, it's private...

Then there are things you can do and things you can't.

You cannot do offloading or any type of inspection that terminates the SSL tunnel between WAP and ADFS.

You can do it on the front of ADFS but this break certificate based (TLS) authentication. Things are explained in details here: SSL Termination with Web Application Proxy and AD FS 2012 R2 https://blogs.technet.microsoft.com/applicationproxyblog/2014/07/04/ssl-termination-with-web-application-proxy-and-ad-fs-2012-r2/
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

Wednesday, November 15, 2017 8:33 PM