UAG / ADFS Certificate requirements

  • Question

  • I have a working UAG environment and am now implementing ADFS into the mix and just need to confirm the cert requirements for ADFS. Am I correct in assuming that I need 2 certs installed on the ADFS server before I can proceed with the setup - a "Token-signing certificate" and a "Service communication certificate"? Is it best to get these certs from a Public CA or an internal CA? I have an internal CA available but just want to be sure that client PCs are not prompted with security alerts because the ADFS cert root is not in the PCs' local cert store. My UAG server uses a wildcard cert for SSL communication to my UAG portal. Unfortunately, I can't use the wildcard cert (*.domain.com) because the FQDN of the ADFS server (server.domain.local) does not match the wildcard cert.

    Many thanks.

    Monday, March 26, 2012 2:54 PM