
Why use an SSL certificate in ADFS?

When users access a secured application over HTTPS, they need an identity to access it, and the
authentication system is ADFS.

When a secured application sends an authentication request to ADFS, it uses a secure channel to pass
the authentication information to ADFS. So we need an SSL certificate for the secure channel.

How do applications send authentication information to ADFS?

1. The user accesses the https URL of the application with their credentials.
2. The application redirects the authentication request to the ADFS secure endpoint “/adfs/is”. It could be
https://sts.dakshu.in/adfs/is
3. ADFS gets it validated by AD and sends the ADFS token back to the application.

Note: a wildcard certificate should be used for ADFS.

How many kinds of certificates are used by ADFS?

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

How to create a certificate template for the ADFS certificate?

ADFS uses a public CA certificate, so we need a public CA certificate in the production environment.

For a test environment we can use an internal CA certificate, so to generate an internal CA certificate we need
a certificate template. We apply the settings below to the internal CA certificate template.

1. Open the CA console.
2. Go to Certificate Templates.
3. Right-click the Computer template and select Duplicate Template.
4. Leave the first tab (Compatibility) as it is, go to the General tab and fill in this information:
   - Give the template a name for the ADFS certificate, such as ADFSCertificate
   - Choose the validity as you like
   - Select the check box to publish the certificate in AD
5. In the Request Handling tab, select the check box to allow the private key to be exported.
6. Do not make any changes in the Cryptography tab and the Key Attestation tab.
7. Make no changes in the Superseded Templates tab, the Extensions tab or the Server tab.
8. In the Security tab, give the ADFS server the access rights to enroll the certificate, such as Read, Enroll and
Autoenroll, so that the ADFS server can send a request and enroll the certificate.
9. In the Subject Name tab, select the subject name format as Common name and DNS name.
10. Do not make any changes in the Server and Issuance Requirements tabs.
11. Select the Apply and OK buttons.
12. After creating the template, publish it.
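
Once the template is published, enrollment and a check of the issued certificate can be scripted on the ADFS server. The following is an added example, not part of the original document; it assumes the template name ADFSCertificate from step 4 and the service name sts.dakshu.in taken from the URL above, and it must be run from an elevated PowerShell session.

```powershell
# Added example: enroll from the duplicated template and verify the result.
# Assumptions: template name 'ADFSCertificate' (step 4) and the service
# name 'sts.dakshu.in' (host part of the endpoint URL shown on this page).
$TemplateName = 'ADFSCertificate'
$ServiceName  = 'sts.dakshu.in'

# Request a certificate from the internal CA into the machine store.
# This succeeds only if the server has Read and Enroll on the template (step 8).
$enroll = Get-Certificate -Template $TemplateName -CertStoreLocation 'Cert:\LocalMachine\My'
if ($enroll.Status -ne 'Issued') {
    throw "Enrollment did not complete, status: $($enroll.Status)"
}
$cert = $enroll.Certificate
$now  = Get-Date

# Server Authentication EKU, checked by OID so the test is locale independent.
$serverAuthOid = '1.3.6.1.5.5.7.3.1'

# Chain building plus SSL name matching against the service name.
# Returns $false if the chain is untrusted or no name in the certificate matches.
$nameAndChainOk = Test-Certificate -Cert $cert -Policy SSL -DNSName $ServiceName `
    -ErrorAction SilentlyContinue -WarningAction SilentlyContinue

[pscustomobject]@{
    Thumbprint      = $cert.Thumbprint
    Subject         = $cert.Subject
    DnsNames        = ($cert.DnsNameList.Unicode -join ', ')
    HasPrivateKey   = $cert.HasPrivateKey
    ServerAuthEku   = $cert.EnhancedKeyUsageList.ObjectId -contains $serverAuthOid
    WithinValidity  = ($cert.NotBefore -le $now) -and ($cert.NotAfter -gt $now)
    ValidForService = [bool]$nameAndChainOk
} | Format-List
```

Because step 9 builds the subject from Active Directory information, compare the DnsNames line with the name that applications actually use to reach ADFS; ValidForService shows False when they differ or when the internal CA root is not trusted on the machine.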
