Understand ADFS Port 49443 and CTL Store Name

  • Question

  • Hi,

    We have deployed ADFS 3.0 and WAP in our organization.

    I have followed the link below for ADFS health:

    https://blogs.technet.microsoft.com/applicationproxyblog/2014/05/28/understanding-and-fixing-proxy-trust-ctl-issues-with-ad-fs-2012-r2-and-web-application-proxy/

    I ran the command below (netsh http show sslcert). It seems all the settings are proper, except that the host name binding on port 49443 shows the Ctl Store Name as null.

    Hostname:port                : adfs.domain.com:49443
    Certificate Hash             : uneubdw458ab29d71asdaaerniuen7uaadaaws
    Application ID               : {18adie-daid-4389-8557-324788eb944a}
    Certificate Store Name       : MY
    Verify Client Certificate Revocation : Enabled
    Verify Revocation Using Cached Client Certificate Only : Disabled
    Usage Check                  : Enabled
    Revocation Freshness Time    : 0
    URL Retrieval Timeout        : 0
    Ctl Identifier               : (null)
    Ctl Store Name               : (null)
    DS Mapper Usage              : Disabled
    Negotiate Client Certificate : Enabled

    I need to know: does the Ctl Store Name need to be set to ADFSTrustedDevices, or is this the default?


    • Edited by SonarPal Thursday, March 30, 2017 10:51 AM
    Thursday, March 30, 2017 10:43 AM
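
Added example (not part of the original post, and not code from Microsoft or the linked blog): a PowerShell helper that turns netsh http show sslcert output into one row per binding, so the Ctl Store Name and client-certificate settings of each binding can be compared side by side. The function name ConvertFrom-NetshSslCert and the sample text are assumptions constructed for illustration; the second binding in the sample is invented.

```powershell
# Added example: parse `netsh http show sslcert` text into one object per binding.
function ConvertFrom-NetshSslCert {
    param([string[]]$Lines)

    $bindings = @()
    $current  = $null
    foreach ($line in $Lines) {
        # Settings print as "Name : Value". Require whitespace before the colon,
        # because "Hostname:port" and values like "adfs.domain.com:49443" contain colons.
        if ($line -match '^\s*(?<name>.+?)\s+:\s*(?<value>.*)$') {
            $name  = $Matches['name']
            $value = $Matches['value'].Trim()
            if ($name -match ':port$') {
                # "Hostname:port" or "IP:port" opens a new binding record.
                if ($null -ne $current) { $bindings += [pscustomobject]$current }
                $current = [ordered]@{ Binding = $value }
            }
            elseif ($null -ne $current) {
                # netsh prints "(null)" for unset values; store them as $null.
                $current[$name] = if ($value -eq '(null)') { $null } else { $value }
            }
        }
    }
    if ($null -ne $current) { $bindings += [pscustomobject]$current }
    $bindings
}

# Constructed sample input. The first binding mirrors the post; the second is
# invented so there are two rows to compare. Thumbprints are placeholders.
$sample = @'
    Hostname:port                : adfs.domain.com:49443
    Certificate Hash             : <thumbprint-placeholder>
    Certificate Store Name       : MY
    Ctl Store Name               : (null)
    Negotiate Client Certificate : Enabled

    Hostname:port                : adfs.domain.com:443
    Certificate Hash             : <thumbprint-placeholder>
    Certificate Store Name       : MY
    Ctl Store Name               : ADFSTrustedDevices
    Negotiate Client Certificate : Disabled
'@ -split '\r?\n'

# On a live server, pass (netsh http show sslcert) instead of $sample.
ConvertFrom-NetshSslCert -Lines $sample |
    Select-Object Binding, 'Ctl Store Name', 'Negotiate Client Certificate' |
    Format-Table -AutoSize
```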