Managing Client Authentication Certificates

Applies To: Windows Server 2003 R2

Servers that are running the Federation Service Proxy component of Active Directory Federation Services (ADFS) require Secure Sockets Layer (SSL) client authentication certificates to authenticate to the Federation Service.

Task requirements

You need the following to perform the procedures for this task:

• A certification authority or the ability to create self-signed certificates

• A server that is running the Federation Service Proxy component of ADFS

• Active Directory Federation Services snap-in

To complete this task, perform the following procedures on an as-needed basis:

• Create a self-signed, token-signing certificate

• View the current client authentication certificate

• Export the public key portion of a client authentication certificate

• Add a Federation Service Proxy certificate to the trust policy

• Change the client authentication certificate that a federation server proxy uses

See Also

Concepts

Rolling Over a Client Authentication Certificate