Saturday, May 14, 2016

The message: "One of your on-premises Federation Service certificates is expiring..." is presented when you log into the Office 365 portal at


You’ve recently noticed that you receive the following message when logging into the Office 365 portal at

One of your on-premises Federation Service certificates is expiring. Failure to renew the certificate and update trust properties within 27 days will result in a loss of access to all Office 365 services for all users.


You’ve checked your on-prem hosted ADFS server’s certificate and verified that it has not expired:



The following are 2 options I found after browsing the internet looking for an answer:

Option #1 – Manually renew the certificate

"One of your on-premises Federation Service certificates is expiring" message in the Office 365 portal

Option #2 – Wait and allow certificate to auto renew

The following forum topic was responded by a Microsoft support representative indicating that the certificate should auto renew:

The day that I checked on the certificate was April 20 and launching the AD FS Management console on the ADFS server…


… then navigating to AD FS > Service > Certificates showed that the certificate was expiring on June 1 which was more than 20 days before the expiration date:


What I ended up doing was set up a calendar reminder on the 19 day before June 1 to check back and when I did on May 13, I noticed that the ADFS server had indeed renewed the Token-decrypting and Token-signing certificate the day before on May 12:


Logging onto Office 365 via also confirmed that the warning message was no longer displayed:


No comments: