Existing ADFS 2.0 Server + Office 365

  • Question

  • Hello,

    We are in the process of deploying an Office 365 solution in our environment. We have an existing ADFS 2.0 Proxy and ADFS Server in the organization, and it is federated with multiple partners. There is already a certificate configured with the name FG.domain.com. Now the queries are:

    1. Do we need to procure another certificate for Office 365 SSO (Sts.domain.com), or can it be configured with the existing certificate?

    2. If we need to procure and configure a new certificate for Office 365, can we configure 2 certificates in the ADFS Server, the new one and the existing one, or do we need a SAN certificate which has both names (new + existing)?

    3. If I have a SHA1 certificate, will it work at least by year end of 2016, or do the certificates need to be upgraded before we start working on ADFS federation with the Office 365 hybrid server?

    Thanks.

    AS

    Thursday, January 21, 2016 10:09 PM

Answers

  • Hi, how are you?
    To answer your questions step by step:
    1) You can use the one you already have (FG.domain.com); you can also buy a new one.
    2) It would be advisable to purchase a SAN or wildcard certificate. Anyway, you can use the one you have plus another, but it is more practical to have one.
    3) I recommend that already Emims with SHA256 encryption

    I hope to have resolved the doubts
    Best regards

    • Marked as answer by ankursinghal1 Friday, January 22, 2016 9:52 PM
    Friday, January 22, 2016 12:55 AM

All replies

  • Hi,

    Thanks Christian for your response.

    Need some more clarity on my Point number 2. Let me rephrase this point as per my updated scenario.

    We have an existing ADFS Server which is federated with multiple partners, and the certificate is like fs.domainIT.com. We have to use these servers for Office 365 SSO, but our SMTP domain is different, like FS.domain.com, which does not match the ADFS cert; our existing certificate is a wildcard certificate. Now I understand that this wildcard certificate cannot be used in my scenario. Please correct me if I am not correct.

    And other queries are:

    1. If we need to procure one more certificate for our Exchange, how can we configure the 2 certificates on the ADFS Server (the existing one + a new one)? Is it a supported scenario?

    Or

    We must buy a SAN certificate which has the new cert name and the other existing certificate names. The existing certificate was *.domainIT.com; it can handle many partners.

    Do we have an option in a SAN certificate to take one of the new domains as required and also cover the existing wildcard certificate, like *.DomainIT.com?

    Thanks.

    Friday, January 22, 2016 10:15 PM
  • Please respond.
    Monday, January 25, 2016 5:38 PM
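
The name-coverage question raised in the thread (does a `*.domainIT.com` wildcard cover `FS.domain.com`, and would a SAN list carrying both the wildcard and the new name cover everything) can be checked mechanically. The following is an added example, not part of the original thread or any Microsoft tooling; the SAN lists are constructed from the names quoted in the posts, the function names are hypothetical, and it covers only DNS name matching, not what ADFS or Office 365 support.

```python
"""Check which host names a certificate's SAN dNSName entries cover (added example)."""


def _labels(name):
    # DNS names compare case-insensitively; ignore a trailing root dot.
    return name.strip().rstrip(".").lower().split(".")


def san_entry_matches(entry, host):
    """Return True if one SAN dNSName entry covers host.

    A wildcard is honoured only as the whole left-most label and stands for
    exactly one label, which is how TLS clients commonly apply RFC 6125.
    """
    e, h = _labels(entry), _labels(host)
    if len(e) != len(h) or "" in h:
        return False
    if e[0] == "*":
        # Require at least two fixed labels after the wildcard (no "*.com").
        return len(e) >= 3 and e[1:] == h[1:]
    # Partial wildcards such as "f*.example.com" are rejected outright.
    return "*" not in entry and e == h


def coverage(san_entries, hosts):
    """Map each required host name to the SAN entries that cover it."""
    return {h: [s for s in san_entries if san_entry_matches(s, h)] for h in hosts}


def uncovered(san_entries, hosts):
    """List the required host names that no SAN entry covers."""
    return [h for h, hits in coverage(san_entries, hosts).items() if not hits]


# Constructed inputs using the names quoted in the thread.
REQUIRED = ["fs.domainIT.com", "FS.domain.com"]
EXISTING_WILDCARD = ["*.domainIT.com"]            # certificate in use today
COMBINED_SAN = ["*.domainIT.com", "fs.domain.com"]  # hypothetical SAN certificate

if __name__ == "__main__":
    for label, sans in (("existing wildcard", EXISTING_WILDCARD),
                        ("combined SAN", COMBINED_SAN)):
        print(f"{label}: missing = {uncovered(sans, REQUIRED) or 'none'}")
```

The wildcard alone leaves `FS.domain.com` uncovered because a wildcard only replaces the left-most label within its own domain; a SAN list that carries the wildcard and the new name covers both.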