View the current token-signing certificate

Applies To: Windows Server 2003 R2

Each Active Directory Federation Services (ADFS) federation server uses a token-signing certificate to digitally sign all security tokens that it produces. You can view the certificate to check its expiration date, revocation status, and other details.

Administrative credentials

To complete this procedure, you must be a member of the Administrators group on the local computer.

To view the current token-signing certificate

1. Click Start, point to Administrative Tools, and then click Active Directory Federation Services.

2. Right-click Federation Service, and then click Properties.

3. On the General tab, under Token-signing certificate, click View.

4. On the General tab in the Certificate property sheet, assess the validity of the certificate by noting the Valid from and to dates, and whether the certificate has a private key associated with it, and then click OK twice.