ADFS Certificates & Certificate Generation Error

  • Question

  • Hi

    My environment is Server 2012 R2 + ADFS 3.0 for Office 365. The certificate has expired; when I run Update-ADFSCertificate -CertificateType: Token-Signing -Urgent:$true, it generates an error.

    PS C:\Windows\system32> Update-ADFSCertificate -CertificateType: Token-Signing -
    Urgent:$true
    Update-ADFSCertificate : The server was unable to process the request due to
    an internal error.  For more information about the error, either turn on
    IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from
    the <serviceDebug> configuration behavior) on the server in order to send the
    exception information back to the client, or turn on tracing as per the
    Microsoft .NET Framework SDK documentation and inspect the server trace logs.
    At line:1 char:1
    + Update-ADFSCertificate -CertificateType: Token-Signing -Urgent:$true
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidData: (:) [Update-AdfsCertificate], Fault
       Exception
        + FullyQualifiedErrorId : The server was unable to process the request due
        to an internal error.  For more information about the error, either turn
      on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or
      from the <serviceDebug> configuration behavior) on the server in order to
     send the exception information back to the client, or turn on tracing as
    per the Microsoft .NET Framework SDK documentation and inspect the server
    trace logs.,Microsoft.IdentityServer.Management.Commands.UpdateCertificate
    Command


    Tuesday, March 21, 2017 9:56 PM

All replies

  • Are you using self-signed certificates for your ADFS farm?


    Tuesday, April 4, 2017 7:23 PM
  • I do have exactly the same problem, and our Token-Signing-Certificate becomes invalid in about 3 weeks from now. In our environment we are using a self-signed Token-Certificate as recommended.

    How to solve the issue?

    Monday, March 19, 2018 1:53 PM
  • Did any of you resolve this? We are facing the same problem and the cert expires in 2 days. We waited so long because the cert was supposed to renew itself, but it didn't.
    Wednesday, May 2, 2018 11:45 AM