I would like to test my secondary certificate upstream with my third-party services

Aman Gokul 1 Reputation point


Here is the situation: I have a farm of 2 ADFS servers, coupled with 2 WAP servers.

I use ADFS authentication for Office365, Github, AWS accounts, and other third parties. The primary certificate expires on August 18, 2021.

So I manually performed the creation of the secondary certificate to have a little more room than the 30 days of automatic operation.

My new certificate was generated with the correct commands, no problem.

I would like to test my secondary certificate upstream with my third-party services (AWS and Github in particular), but when I provide, for example, the public key of my secondary certificate (the "signing" key) to the SAML test module on Github, it tells me this key is not valid. My question is: how can I test my secondary certificate to be sure that, when I make it primary, it is recognized by my third-party services (on which I will obviously have put the public key of the secondary certificate or the new metadata XML file)?

Moreover, concerning the XML metadata file that I generated following the creation of the secondary certificate, I can clearly see that the public keys of the 2 certificates are present in its content. From there I think it's OK, because I was able to test on AWS and the new metadata file works on a test account.

Active Directory Federation Services
Windows Server Security