Posted by Gabe Moliken on 02 October 2018 03:47 PM


  1. Copy the exported certificate file to the UI server.  ***use same exported certificate used for Portal / Gateway article (directions below)
  2. Give the new ADFS token signing certificate a unique name (for example, include the year in the name).  This will help distinguish it from previous ADFS certificates.
  3. Access the UI Admin site and select this instance of UI.
  4. Select the SAML2 Auth tab and then the Identity Provider tab.
  5. Select the Import button and then Browse.
  6. In the Windows Explorer window, select the drop down in the bottom right and change Custom Files (*.crt) to All Files (*.*).
  7. Browse to the location of the new ADFS token signing certificate and choose to Upload it.
  8. Close the import certificate window.
  9. Select the drop down for the Public Certificate File field and change it to the new ADFS token signing certificate.
  10. Click Save.


NOTE: If you would like to increase the duration for auto-generated ADFS certificates then please see article How to increase the duration of ADFS auto-generated certificates.



Follow the steps below to add the new ADFS token signing certificate to UI.

  1. Open ADFS Management Panel.
  2. Expand Service.
  3. Click on Certificates.
  4. Select the PRIMARY Token Signing Certificate and right click on it.
  5. Click on View Certificate.
  6. Click on the Details tab and then Copy to File.
  7. Select Next and then select Base-64 Encoded X.509 format.
  8. Click on Next and save it to a directory.
  9. Follow the prompts until it says "The Export was Successful".



(0 vote(s))
Not helpful

Comments (0)