Managing Token-signing Certificates
Applies To: Windows Server 2003 R2
Servers that are running the Federation Service component of Active Directory Federation Services (ADFS) in an account Federation Service require token-signing certificates to sign security tokens that the servers produce. You can view and change the current certificate as needed. You can also manage the certificate revocation list (CRL) to ensure that only valid certificates are in use in the Federation Service.
Task requirements
You need the following to perform the procedures for this task:
A Federation Service in an account role
A certification authority or the ability to create self-signed certificates
Active Directory Federation Services snap-in
To complete this task, perform the following procedures on an as-needed basis: