{"id":12858,"date":"2015-06-03T10:00:16","date_gmt":"2015-06-03T08:00:16","guid":{"rendered":"http:\/\/nolabnoparty.com\/?p=12858"},"modified":"2019-12-16T13:53:18","modified_gmt":"2019-12-16T12:53:18","slug":"adfs-3-0-ssl-certificate-signing-request-pt-2","status":"publish","type":"post","link":"https:\/\/nolabnoparty.com\/en\/adfs-3-0-ssl-certificate-signing-request-pt-2\/","title":{"rendered":"ADFS 3.0 SSL certificate signing request - pt. 2"},"content":{"rendered":"<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate01\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate01.jpg\" alt=\"adfs30certificate01\" width=\"602\" height=\"202\" border=\"0\" \/><\/p>\n<p>ADFS 3.0 for its implementation\u00a0requires a\u00a0dedicated\u00a0SSL certificate\u00a0to be installed in the ADFS servers to provide users with single sign-on access to Office 365 platform.<\/p>\n<p>If you plan to implement Office 365 in your company, ADFS is the service you should consider to keep the authentication process synchronized within all devices. A\u00a0simpler solution instead of ADFS is the configuration of the <a href=\"https:\/\/nolabnoparty.com\/en\/adfs-3-0-install-directory-sync-tool-pt-6\/\">DirSync tool <\/a>but the authentication management is kept separated.<\/p>\n<p><!--more--><\/p>\n<p>&nbsp;<\/p>\n<h2>Blog series<\/h2>\n<p><a href=\"https:\/\/nolabnoparty.com\/en\/adfs-3-0-setup-upn-suffix-for-office-365-sso-pt-1\/\">ADFS 3.0 setup UPN suffix for Office 365 SSO - pt. 1<\/a><br \/>\nADFS 3.0 SSL certificate signing request - pt. 2<br \/>\n<a href=\"https:\/\/nolabnoparty.com\/en\/adfs-3-0-install-adfs-server-pt-3\/\">ADFS 3.0 install ADFS Server - pt. 3<\/a><br \/>\n<a href=\"https:\/\/nolabnoparty.com\/en\/adfs-3-0-install-wap-server-pt-4\/\">ADFS 3.0 install WAP Server - pt. 4<\/a><br \/>\n<a href=\"https:\/\/nolabnoparty.com\/en\/adfs-3-0-federating-office-365-pt-5\/\">ADFS 3.0 federating Office 365 - pt. 5<\/a><br \/>\n<a href=\"https:\/\/nolabnoparty.com\/en\/adfs-3-0-install-directory-sync-tool-pt-6\/\">ADFS 3.0 install Directory Sync tool - pt. 6<\/a><br \/>\n<a href=\"https:\/\/nolabnoparty.com\/en\/adfs-3-0-deploy-office-365-pt-7\/\">ADFS 3.0 deploy Office 365 - pt. 7<\/a><\/p>\n<p>&nbsp;<\/p>\n<h2>Prerequisites<\/h2>\n<p>To setup the ADFS infrastructure you need the following:<\/p>\n<ul>\n<li>At least two Windows 2012 R2 Server joined to the domain<\/li>\n<li>One Windows 2012 R2 Server NOT joined to the domain and residing in DMZ area<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2>Request the SSL certificate<\/h2>\n<p>Since ADFS 3.0 doesn't need\u00a0IIS as required\u00a0in\u00a0previous release but it relies on a\u00a0<strong>SSL certificate<\/strong> to work, before starting the configuration we need to make a certificate request from the machine we are going to use for the ADFS setup.<\/p>\n<p>From <strong>Start &gt; Search program and files<\/strong> type the command <strong>mmc<\/strong> then press <strong>Enter<\/strong> to run the <strong>Snap-in console<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate02\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate02.jpg\" alt=\"adfs30certificate02\" width=\"484\" height=\"279\" border=\"0\" \/><\/p>\n<p>From <strong>File<\/strong> menu select <strong>Add\/remove Snap-in<\/strong> option.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate03\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate03.jpg\" alt=\"adfs30certificate03\" width=\"600\" height=\"386\" border=\"0\" \/><\/p>\n<p>Select <strong>Certificates<\/strong> then click <strong>Add <\/strong>button.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate04\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate04.jpg\" alt=\"adfs30certificate04\" width=\"600\" height=\"422\" border=\"0\" \/><\/p>\n<p>Since the certificate refers to the machine itself, select <strong>Computer account<\/strong> option then click <strong>Next<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate05\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate05.jpg\" alt=\"adfs30certificate05\" width=\"534\" height=\"395\" border=\"0\" \/><\/p>\n<p>Select <strong>Local computer<\/strong> and click <strong>Finish<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate06\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate06.jpg\" alt=\"adfs30certificate06\" width=\"534\" height=\"395\" border=\"0\" \/><\/p>\n<p>When the <strong>Certificates snap-in<\/strong> is added to the right pane, click <strong>OK<\/strong> to open the console.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate07\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate07.jpg\" alt=\"adfs30certificate07\" width=\"600\" height=\"422\" border=\"0\" \/><\/p>\n<p>Expand the <strong>Certificates<\/strong> item and right click <strong>Personal<\/strong>. Select <strong>All Tasks &gt; Advanced Operations &gt; Create Custom Request<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate08\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate08.jpg\" alt=\"adfs30certificate08\" width=\"600\" height=\"379\" border=\"0\" \/><\/p>\n<p>The <strong>Certificate Enrollment<\/strong> Wizard opens. Click <strong>Next<\/strong> to proceed.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate09\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate09.jpg\" alt=\"adfs30certificate09\" width=\"600\" height=\"435\" border=\"0\" \/><\/p>\n<p>Select <strong>Proceed without enrollment policy<\/strong> option then click <strong>Next<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate10\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate10.jpg\" alt=\"adfs30certificate10\" width=\"600\" height=\"435\" border=\"0\" \/><\/p>\n<p>Select <strong>(No template) CNG key<\/strong> value from the <strong>Template<\/strong> drop down menu and <strong>PKCS #10<\/strong> option as <strong>Request format<\/strong>. Click <strong>Next<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate11\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate11.jpg\" alt=\"adfs30certificate11\" width=\"600\" height=\"435\" border=\"0\" \/><\/p>\n<p>With the certificate template\u00a0previously selected you will get the\u00a0error message shown in the picture during the ADFS configuration since <strong>CNG private key is not supported<\/strong>. Keep in mind in case of.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate12\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate12.jpg\" alt=\"adfs30certificate12\" width=\"600\" height=\"439\" border=\"0\" \/><\/p>\n<p>ADFS requires a different certificate template type. From the <strong>Certificate Enrollment Wizard<\/strong> select <strong>(No template) Legacy key<\/strong> value from the <strong>Template<\/strong> drop down menu and <strong>PKCS #10<\/strong> option as <strong>Request format<\/strong>. Click <strong>Next<\/strong> to continue.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate13\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate13.jpg\" alt=\"adfs30certificate13\" width=\"600\" height=\"435\" border=\"0\" \/><\/p>\n<p>Click on <strong>Details<\/strong> to show the additional info and click on <strong>Properties<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate14\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate14.jpg\" alt=\"adfs30certificate14\" width=\"600\" height=\"435\" border=\"0\" \/><\/p>\n<p>In the <strong>General<\/strong> tab type a <strong>Friendly name<\/strong>\u00a0to better identify the certificate and a <strong>Description<\/strong>. Select <strong>Subject<\/strong> tab when done.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate15\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate15.jpg\" alt=\"adfs30certificate15\" width=\"516\" height=\"514\" border=\"0\" \/><\/p>\n<p>In this tab we are going to configure the certificate properties. From the <strong>Type<\/strong> drop down menu select <strong>Common name<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate16\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate16.jpg\" alt=\"adfs30certificate16\" width=\"516\" height=\"514\" border=\"0\" \/><\/p>\n<p>In the <strong>Value<\/strong> field type the name of your ADFS and click <strong>Add<\/strong>. This name is what will be configured in the <strong>public DNS<\/strong>. Click <strong>Add<\/strong> to add the <strong>Common Name<\/strong> to the certificate.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate17\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate17.jpg\" alt=\"adfs30certificate17\" width=\"516\" height=\"514\" border=\"0\" \/><\/p>\n<p>Now select <strong>Organization<\/strong> from the drop down menu and type the <strong>Value<\/strong> then click <strong>Add<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate18\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate18.jpg\" alt=\"adfs30certificate18\" width=\"516\" height=\"514\" border=\"0\" \/><\/p>\n<p>Select <strong>Organization unit<\/strong>, type a <strong>Value<\/strong> and click <strong>Add<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate19\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate19.jpg\" alt=\"adfs30certificate19\" width=\"516\" height=\"514\" border=\"0\" \/><\/p>\n<p>Select <strong>Locality<\/strong>, type a <strong>Value<\/strong> and click <strong>Add<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate20\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate20.jpg\" alt=\"adfs30certificate20\" width=\"516\" height=\"514\" border=\"0\" \/><\/p>\n<p>Select <strong>State<\/strong>, type a <strong>Value<\/strong> and click <strong>Add<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate21\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate21.jpg\" alt=\"adfs30certificate21\" width=\"516\" height=\"514\" border=\"0\" \/><\/p>\n<p>Select <strong>Country<\/strong>, type a <strong>Value<\/strong> and click <strong>Add<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate22\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate22.jpg\" alt=\"adfs30certificate22\" width=\"516\" height=\"514\" border=\"0\" \/><\/p>\n<p>When the certificate properties has been set, select <strong>Private Key<\/strong> tab.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate23\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate23.jpg\" alt=\"adfs30certificate23\" width=\"516\" height=\"514\" border=\"0\" \/><\/p>\n<p>Click on the <strong>Cryptographic Service Provider<\/strong>'s <strong>^ symbol<\/strong> to expand the properties and select <strong>Microsoft RSA SChannel Cryptographic Provider (Encryption)<\/strong> option.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate24\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate24.jpg\" alt=\"adfs30certificate24\" width=\"516\" height=\"514\" border=\"0\" \/><\/p>\n<p>Click on the <strong>Key options<\/strong>' <strong>^ symbol<\/strong> to expand the properties and set <strong>2048 as Key size<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate25\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate25.jpg\" alt=\"adfs30certificate25\" width=\"516\" height=\"514\" border=\"0\" \/><\/p>\n<p>Enable <strong>Make private key exportable<\/strong> option. Click <strong>OK<\/strong> to save the certificate properties.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate26\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate26.jpg\" alt=\"adfs30certificate26\" width=\"516\" height=\"514\" border=\"0\" \/><\/p>\n<p>Click <strong>Next<\/strong> to continue with the request process.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate27\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate27.jpg\" alt=\"adfs30certificate27\" width=\"600\" height=\"435\" border=\"0\" \/><\/p>\n<p>Type a <strong>File Name<\/strong> and set <strong>Base 64 as File format<\/strong>. Click <strong>Finish<\/strong> to complete the procedure.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate28\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate28.jpg\" alt=\"adfs30certificate28\" width=\"600\" height=\"435\" border=\"0\" \/><\/p>\n<p>Select <strong>Certificate Enrollment &gt; Certificates<\/strong> and check if the certificate request shows up in the right pane.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate29\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate29.jpg\" alt=\"adfs30certificate29\" width=\"600\" height=\"373\" border=\"0\" \/><\/p>\n<p>Copy and paste the certificate in the <strong>Certificate Signing Request<\/strong> filed of the selected\u00a0CA.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate30\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate30.jpg\" alt=\"adfs30certificate30\" width=\"600\" height=\"567\" border=\"0\" \/><\/p>\n<p>&nbsp;<\/p>\n<h2>Import the signed certificate<\/h2>\n<p>When the CA returns the signed certificate, it must be imported in the machine. From the Certificates' snap-in console, select <strong>Personal &gt; All Tasks &gt; Import option<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate31\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate31.jpg\" alt=\"adfs30certificate31\" width=\"600\" height=\"373\" border=\"0\" \/><\/p>\n<p>The <strong>Certificate Import Wizard<\/strong> opens. Click <strong>Next<\/strong> to continue.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate32\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate32.jpg\" alt=\"adfs30certificate32\" width=\"549\" height=\"528\" border=\"0\" \/><\/p>\n<p>Clicking the <strong>Browse<\/strong> button select the signed certificate file then click <strong>Next<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate33\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate33.jpg\" alt=\"adfs30certificate33\" width=\"549\" height=\"528\" border=\"0\" \/><\/p>\n<p>Place the certificate in <strong>Personal Certificate store<\/strong> and click <strong>Next<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate34\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate34.jpg\" alt=\"adfs30certificate34\" width=\"549\" height=\"528\" border=\"0\" \/><\/p>\n<p>Click <strong>Finish<\/strong> to import the certificate.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate35\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate35.jpg\" alt=\"adfs30certificate35\" width=\"549\" height=\"528\" border=\"0\" \/><\/p>\n<p>Click <strong>OK<\/strong> to close the confirmation window.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate36\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate36.jpg\" alt=\"adfs30certificate36\" width=\"261\" height=\"172\" border=\"0\" \/><\/p>\n<p>Select <strong>Personal &gt; Certificates<\/strong> to check the issued certificate. The certificate has been imported successfully in the local computer.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate37\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate37.jpg\" alt=\"adfs30certificate37\" width=\"600\" height=\"373\" border=\"0\" \/><\/p>\n<p>&nbsp;<\/p>\n<h2>Export the certificate with private key<\/h2>\n<p>As seen in <a title=\"ADFS 3.0 setup UPN suffix for Office 365 SSO \u2013 pt. 1\" href=\"https:\/\/nolabnoparty.com\/en\/adfs-3-0-setup-upn-suffix-for-office-365-sso-pt-1\/\">part 1<\/a> during the ADFS setup, another component of the infrastructure (ADFS-WAP) requires the same certificate for its functionality.<\/p>\n<p>From the <strong>Certificate console<\/strong>\u00a0export the certificate including the <strong>private key<\/strong>. From <strong>Personal &gt; Certificates<\/strong> right click the issued certificate and select <strong>All Tasks &gt; Export<\/strong> option.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate38\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate38.jpg\" alt=\"adfs30certificate38\" width=\"600\" height=\"373\" border=\"0\" \/><\/p>\n<p>The <strong>Export Wizard<\/strong> opens. Click <strong>Next<\/strong> to proceed.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate39\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate39.jpg\" alt=\"adfs30certificate39\" width=\"549\" height=\"528\" border=\"0\" \/><\/p>\n<p>Select <strong>Yes, export the private key<\/strong> option and click <strong>Next<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate40\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate40.jpg\" alt=\"adfs30certificate40\" width=\"549\" height=\"528\" border=\"0\" \/><\/p>\n<p>Leave default options and click <strong>Next<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate41\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate41.jpg\" alt=\"adfs30certificate41\" width=\"549\" height=\"528\" border=\"0\" \/><\/p>\n<p>For security reasons, assign a <strong>Password<\/strong> to protect the private key.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate42\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate42.jpg\" alt=\"adfs30certificate42\" width=\"549\" height=\"528\" border=\"0\" \/><\/p>\n<p>Type a <strong>File name<\/strong> and click <strong>Next<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate43\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate43.jpg\" alt=\"adfs30certificate43\" width=\"549\" height=\"528\" border=\"0\" \/><\/p>\n<p>Click <strong>Finish<\/strong> to export the certificate.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate44\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate44.jpg\" alt=\"adfs30certificate44\" width=\"549\" height=\"528\" border=\"0\" \/><\/p>\n<p>Click <strong>OK<\/strong> to close the confirmation window.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate45\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate45.jpg\" alt=\"adfs30certificate45\" width=\"226\" height=\"155\" border=\"0\" \/><\/p>\n<p>The <strong>certificate .pfx<\/strong> has been exported successfully.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"adfs30certificate46\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/05\/adfs30certificate46.jpg\" alt=\"adfs30certificate46\" width=\"436\" height=\"196\" border=\"0\" \/><\/p>\n<p>In <a title=\"ADFS 3.0 install ADFS server \u2013 pt. 3\" href=\"https:\/\/nolabnoparty.com\/en\/adfs-3-0-install-adfs-server-pt-3\/\">part 3<\/a>\u00a0we'll start installing\u00a0the <strong>ADFS service in the server<\/strong> as first component of the infrastructure.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/images\/firma.jpg\" alt=\"firma\" title=\"\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>ADFS 3.0 for its implementation\u00a0requires a\u00a0dedicated\u00a0SSL certificate\u00a0to be installed in the ADFS servers to provide users with single sign-on access to Office 365 platform. If you plan to implement Office 365 in your company, ADFS is the service you should consider to keep the authentication process synchronized within all devices. A\u00a0simpler solution instead of ADFS is the configuration of the DirSync tool but the authentication management is kept separated.<\/p>\n","protected":false},"author":3,"featured_media":12812,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rop_custom_images_group":[],"rop_custom_messages_group":[],"rop_publish_now":"initial","rop_publish_now_accounts":{"linkedin_93tdZWzMZc_93tdZWzMZc":"","facebook_2879994398731222_17841400390232720":"","twitter_113568041_113568041":"","mastodon_115463926174894442_115463926174894442":""},"rop_publish_now_history":[],"rop_publish_now_status":"pending","footnotes":""},"categories":[1065,1721],"tags":[682,1583,680],"class_list":["post-12858","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-en","category-office365-en","tag-certificate-en","tag-office365","tag-ssl-en","has_thumb"],"_links":{"self":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/posts\/12858","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/comments?post=12858"}],"version-history":[{"count":0,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/posts\/12858\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/media\/12812"}],"wp:attachment":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/media?parent=12858"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/categories?post=12858"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/tags?post=12858"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}