Many times we are required to update X.509 certificate for Trusted Identity Provider because certificate may have expired or may be we were using self-signed certificate and now wants to replace with commercial CA issued certificates.
Use this PowerShell commands to update certificate for existing Trusted Identity Provider.
$newCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\MyCerts\CA_Issued_Cert.cer") New-SPTrustedRootAuthority -Name "New CA Issued Cert" -Certificate $newCert Set-SPTrustedIdentityTokenIssuer -Identity "My Id Provider" -ImportTrustCertificate $newCert
If you want to remove the old/expired certificate from SharePoint trust root, use this command to delete the certificate.
Remove-SPTrustedRootAuthority -Identity "My Old Cert"
Hope this helps.
-Javed.
No comments:
Post a Comment