Office 365 update AD FS SSL certificate with Azure AD Connect


When the AD FS SSL certificate of your Office 365 infrastructure is about to expire, you need to update the AD FS SSL certificate accordingly to avoid services disruption.

During the configuration of the Office 365 environment you need to install an SSL certificate to establish a secure commnunication between Office 365 components. 

The overall procedure can be summarized as follows:


This article has been written for StarWind blog and can be found in this page. It covers the full procedure to easily update the SSL certificate for both AD FS and WAP Servers using the Azure AD Connect tool. This procedure works also if the user sign-in method is not AD FS.


Update the AD FS SSL certificate

The update procedure rely on the Microsoft Azure Active Directory Connect tool and during the configuration time the synchronization service scheduler will be suspended.

To avoid problems, the used certificate must meet the following prerequisites:

  • the subject name is either the same as the federation service name
  • it is valid for more than 30 days
  • the trust chain is valid
  • it is password protected

When the configuration has been completed successfully, you can click the Verify button to verify the AD FS sign-in or click Exit to close the wizard.


Read the full article on StarWind blog.