Make sure you have a private key that corresponds to this certificate.Import the new certificate to the Machine’s Personal Store.If SSL certificate needs to be changed following tasks needs to be done: As you can see there is certificate with name and port xxx.com:443 with thumbprint starting 78c9…. Netsh http show sslcert – show current ssl binding of machine. IIS is running at top of HTTP.sys so configuration is a little different than with earlier operating systems. Service Communications certificates only exist on Federation Servers”.Īs you already know AD FS in W2012 R2 is not dependent from IIS anymore. SSL certificates exist on all Federation Servers and Federation Server Proxy servers. Any time you are replacing one of these certificates, you must also replace the other. “Replacing the SSL and Service Communications certificates go hand-in-hand.
