码迷,mamicode.com
首页 > 其他好文 > 详细

CRM 安全证书到期操作命令

时间:2017-01-05 23:35:08      阅读:272      评论:0      收藏:0      [点我收藏+]

标签:server   ret   archive   pretty   tin   mmu   bin   命令   let   

 

I found a related TechNet Blog that shed some light on the subject:
http://blogs.technet.com/b/tune_in_to_windows_intune/archive/2013/11/13/replace-certificates-on-adfs-3-0.aspx

According to this document, after setting the Service Communications Certificate in the MMC, you must run:
Get-ADFSCertificate
to fetch the certificate thumbprint of the Service Communications Cert. Take note of the certificate thumbprint, then run:
Set-ADFSSslCertificate -Thumbprint [yourThumbprint]

“Set-AdfsSslCertificate” will fix the HTTP.SYS bindings used by ADFS. Apparently the MMC does not set the bindings, which is pretty annoying because this leaves the service in a pretty darn broken state. The HTTP bindings are mentioned in this TechNet documentation:
https://technet.microsoft.com/en-us/library/dn781428.aspx
BUT, the docs do not explicitly state that the Set-AdfsSslCertificate cmdlet needs to be run on all of the ADFS server nodes in your farm. This also is a key missing detail.

CRM 安全证书到期操作命令

标签:server   ret   archive   pretty   tin   mmu   bin   命令   let   

原文地址:http://www.cnblogs.com/Earson/p/6254327.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!