Set-AdfsSslCertificate : The socket connection was aborted

Nils Vaszi 21 Reputation points

I'm trying to install a new certificate on my ADFS server (version: Windows Server 2016 AD FS).
It's used to verify authentication to an external intranet and was working prior to this certificate installation.

Imported the certificate with all intermediates in local machine/personal/Certificates
Set read rights on private keys for the ADFS-serviceaccount

Set-AdfsCertificate -CertificateType Service-Communications -Thumbprint ******

Updated fine. New cert is displayed in ADFS Manager.

When I try to bind I get this error:
Set-AdfsSslCertificate -Thumbprint ******
Set-AdfsSslCertificate : The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '00:01:00'.

When I run netsh http show sslcert, everything has the correct thumbprint.

When I run Get-AdfsSslCertificate, all 3 certs show the correct thumbprint.

I ran Get-AdfsFarmInformation but we only got one ADFS node:

CurrentFarmBehavior FarmNodes FarmRoles
                  3 {}        {UserState}

Have searched but I'm lost.

Regards Nils

Active Directory Federation Services

Accepted answer
  1. Pierre Audonnet - MSFT 10,166 Reputation points Microsoft Employee

    There used to be an issue with Set-AdfsSslCertificate throwing an error even if things were working. This was fixed quite a while ago... Can you make sure you have all updates installed and that you restarted?


1 additional answer

  1. Nils Vaszi 21 Reputation points

    Hi Piaudonn,
    I did a recheck and saw that even though it's throwing an error when running "Set-AdfsSslCertificate -Thumbprint **", the certificate got registered.
    I tested with another certificate and that got registered as well.

    The solution to get the intranet working was probably not related to the ADFS, even though I updated the Token-Signing certificate and sent that to the website supplier, but to one of their servers that needed a restart for updates. Well, well...

    Anyway thanks for your reply and I will check for Updates on our ADFS-server.


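A read-only check for the situation in this thread, where Set-AdfsSslCertificate returned an error but the binding was registered anyway; this is an added example, not part of the original posts. `$Expected` is a placeholder for the new certificate's thumbprint, `Compare-Thumbprint` is a hypothetical helper, and the netsh filter assumes English-language output.

```powershell
# Added example, not from the thread. Run elevated on the AD FS server; changes nothing.
$Expected = '<NEW-CERT-THUMBPRINT>'   # placeholder: thumbprint of the new certificate

function Compare-Thumbprint {         # hypothetical helper name
    param([string]$Actual, [string]$Wanted)
    # Thumbprints copied from the certificate dialog can carry spaces or an
    # invisible leading character, so compare hex digits only, case-insensitively.
    ($Actual -replace '[^0-9A-Fa-f]', '') -ieq ($Wanted -replace '[^0-9A-Fa-f]', '')
}

# 1. The certificate is in LocalMachine\My, has a private key and is still valid.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { Compare-Thumbprint $_.Thumbprint $Expected }
if (-not $cert) { throw 'Certificate not found in Cert:\LocalMachine\My' }
[pscustomobject]@{
    Subject       = $cert.Subject
    HasPrivateKey = $cert.HasPrivateKey
    NotAfter      = $cert.NotAfter
    Expired       = ($cert.NotAfter -lt (Get-Date))
}

# 2. The Service-Communications certificate known to AD FS.
$svc = Get-AdfsCertificate -CertificateType Service-Communications
"Service-Communications matches: $(Compare-Thumbprint $svc.Thumbprint $Expected)"

# 3. Every SSL binding AD FS reports (the "3 certs" mentioned in the question).
$bindings = Get-AdfsSslCertificate | ForEach-Object {
    [pscustomobject]@{
        HostName = $_.HostName
        Port     = $_.PortNumber
        Matches  = Compare-Thumbprint $_.CertificateHash $Expected
    }
}
$bindings | Format-Table -AutoSize

# 4. What HTTP.sys actually has bound (assumes English netsh output).
netsh http show sslcert | Select-String 'Certificate Hash'

# Summary: stale bindings mean the error was real rather than cosmetic.
$stale = @($bindings | Where-Object { -not $_.Matches })
if ($stale.Count -eq 0) {
    'All AD FS SSL bindings use the expected certificate.'
} else {
    "Bindings still on another certificate: $($stale.HostName -join ', ')"
}
```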