We have workshops to help move off ADFS https://techcommunity.microsoft.com/t5/community-events-list/microsoft-workshops-how-to-successfully-migrate-away-from-ad-fs/m-p/3668480 & https://www.microsoft.com/en-us/security/business/identity-access/upgrade-adfs
question on self signed cert for ADFS 3.0
I am following an instruction provided by a vendor to setup a ADFS for a SSO for their product. At some point it tells to use Windows SDK to do self sign cert.
My server is 2012r2. I download SDK 7.1 (it is for windows 7/10 and please correct me if this is a wrong thing to install but I could not find something else.).
After the install, I go to bin and follow the command "makecert". However, it did not ask me to put in the server fully domain qualify name..instead it keeps asking for creating a password. Once I did it and generated the cert, it does not include a correct domain name but display adfs.domain.com in it.
May I ask what I have done wrong? Or in ADFS, should I import a real cert at the first time setup?
thank you for your help in advance.