Hi,
We have deployed ADFS 3.0 and WAP in our Organization.
I have followed below link for ADFS Health
https://blogs.technet.microsoft.com/applicationproxyblog/2014/05/28/understanding-and-fixing-proxy-trust-ctl-issues-with-ad-fs-2012-r2-and-web-application-proxy/
I ran below command (netsh http show sslcert) it seems all the settings are proper except the host name bind on port 49443 the ctl store name as null.
Hostname:port : adfs.domain.com:49443
Certificate Hash : uneubdw458ab29d71asdaaerniuen7uaadaaws
Application ID : {18adie-daid-4389-8557-324788eb944a}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Enabled
Need to know is Ctl store name need to set as ADFSTrustedDevices or is this by default