Set a Service Communications Certificate

Applies To: Active Directory Federation Services (AD FS) 2.0

Federation servers in Active Directory Federation Services (AD FS) 2.0 use the service communications certificate to secure Web services traffic for Secure Sockets Layer (SSL) communication with Web clients or with federation server proxies. This is the same certificate that a federation server uses as the SSL certificate in Internet Information Services (IIS).

You can use the following procedure to change the service communications certificate with the AD FS 2.0 Management snap-in.

Note

The AD FS 2.0 Management snap-in refers to server authentication certificates for federation servers as service communications certificates.

Membership in Administrators, or equivalent, on the local computer is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To set a service communications certificate

  1. Click Start, point to All Programs, click Administrative Tools, and then click AD FS 2.0 Management.

  2. In the console tree, double-click Service, and then click Certificates.

  3. In the Actions pane, click the Set Service Communications Certificate link.

  4. In the Select a service communications certificate dialog box, navigate to the certificate file that you want to set as the service communications certificate, select the certificate file, and then click Open.
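
The same change can be scripted. The following PowerShell is an added example, not part of the original procedure: it checks a candidate certificate (private key, validity dates, Server Authentication usage, chain) before setting it with the AD FS 2.0 snap-in's Set-ADFSCertificate cmdlet. It assumes the certificate is already installed in the local computer's Personal store; the thumbprint is a placeholder and Test-ServiceCommsCandidate is a hypothetical helper name.

```powershell
# Added example. Assumes the AD FS 2.0 PowerShell snap-in is installed and the
# new certificate is already in the local computer's Personal store.
Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction Stop

# Placeholder: replace with the thumbprint of the certificate you intend to use.
$Thumbprint    = '<THUMBPRINT-OF-NEW-CERTIFICATE>'
$ServerAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU

# Hypothetical helper: returns a list of reasons the certificate is unsuitable.
function Test-ServiceCommsCandidate {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)

    $problems = @()
    $now = Get-Date
    if (-not $Cert.HasPrivateKey) { $problems += 'no private key on this computer' }
    if ($now -lt $Cert.NotBefore) { $problems += "not valid until $($Cert.NotBefore)" }
    if ($now -gt $Cert.NotAfter)  { $problems += "expired on $($Cert.NotAfter)" }

    # An EKU extension, when present, must list Server Authentication.
    $eku = $Cert.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
    }
    if ($eku) {
        $oids = @($eku.EnhancedKeyUsages | ForEach-Object { $_.Value })
        if ($oids -notcontains $ServerAuthOid) { $problems += 'EKU lacks Server Authentication' }
    }

    # Build the chain against the machine trust store using the default chain policy.
    if (-not $Cert.Verify()) { $problems += 'chain validation failed' }
    return ,$problems
}

$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $Thumbprint }
if (-not $cert) { throw "Certificate $Thumbprint not found in Cert:\LocalMachine\My" }

$problems = Test-ServiceCommsCandidate -Cert $cert
if ($problems.Count -gt 0) {
    throw "Refusing to set certificate: $($problems -join '; ')"
}

# Set the service communications certificate, then read it back to confirm.
Set-ADFSCertificate -CertificateType Service-Communications -Thumbprint $cert.Thumbprint
Get-ADFSCertificate -CertificateType Service-Communications |
    Select-Object CertificateType, Thumbprint
```

Run the script from an elevated PowerShell session on the federation server, using an account that meets the membership requirement stated above.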

Additional references

Checklist: Setting Up a Federation Server

Certificate Requirements for Federation Servers