View the current verification certificate

Applies To: Windows Server 2003 R2

In Active Directory Federation Services (ADFS), verification certificates are used to verify that a security token was issued by a valid federation server and that it was not modified. A verification certificate is an exported copy of the token-signing certificate of any trusted federation server.

Use this procedure to view the certificate when you want to see the information about the verification certificate that is currently being used by a federation server. For example, use this procedure if you want to ensure that the certificate is good, view the server that issued the certificate, or view its date of expiration.

Administrative credentials

To complete this procedure , you must be a member of the Administrators group on the local computer.

To view a verification certificate

1. On a federation server that hosts the Federation Service for which you want to view verification certificates, click Start, point to Administrative Tools, and then click Active Directory Federation Services.

2. Double-click Federation Service, right-click Trust Policy, and then click Properties.

3. Click the Verification Certificates tab.

4. Click the certificate that you want to view, and then click View.

See Also

Concepts

Rolling Over a Token-signing Certificate
Add a verification certificate to the trust policy
Change the token-signing certificate that a federation server uses
Remove a verification certificate