Problem
You need update the ADFS Proxy server’s certificate as per the following instructions:
Managing SSL Certificates in AD FS and WAP in Windows Server 2016
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-certificates-ad-fs-wap
… but executing the command throws the error:
PS C:\Users\Administrator> Set-WebApplicationProxySslCertificate "54d87e8e2acc62de2d8cff943f8f5ebdd1db330c"
Set-WebApplicationProxySslCertificate : A positional parameter cannot be found that accepts argument
'54d87e8e2acc62de2d8cff943f8f5ebdd1db330c'.
At line:1 char:1
+ Set-WebApplicationProxySslCertificate "54d87e8e2acc62de2d8cff943f8f5ebdd1db330c"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-WebApplicationProxySslCertificate], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.IdentityServer.Management.Proxy.Commands.SetSslCer
tificateCommand
PS C:\Users\Administrator> Set-WebApplicationProxySslCertificate -thumbprint "54d87e8e2acc62de2d8cff943f8f5ebdd1db330c"
Message Context Status
------- ------- ------
The configuration completed successf... DeploymentSucceeded Success
PS C:\Users\Administrator> Get-WebApplicationProxySslCertificate
HostName PortNumber CertificateHash
-------- ---------- ---------------
adfs.domain.com 443 54D87E8E2ACC62DE2D8CFF943F8F5EBDD1DB330C
adfs.domain.com 49443 54D87E8E2ACC62DE2D8CFF943F8F5EBDD1DB330C
PS C:\Users\Administrator>
Solution
The reason why this error is thrown is because the cmdlet shown on the website is missing the -Thumprint switch. To correct this, use the same syntax as the cmdlet for the internal ADFS server as shown below:
No comments:
Post a Comment