Dear All,
We have an Internal ADFS 3 and a dmz web proxy server (both server 2012). We have 0365 and bunch of other internal websites configured on these boxes.
I noticed a warning on 0365 portal regarding certificate expiring. I figured our Token-Signing and Token decryption certificates are expiry by the end of Feb.
I have been researching online on how to get the whole situation resolved before it causes any application outages. From the research I know that ADFS will generate the certificate 20 days before expiry and will promote the new certificate to primary 5 days after that. Below are the settings from my internal ADFS server:-
AutoCertificateRollover : True
CertificateCriticalThreshold : 2
CertificateDuration : 365
CertificateGenerationThreshold : 20
CertificatePromotionThreshold : 5
CertificateRolloverInterval : 720
I am not clear on...