Thursday, June 28, 2012 10:33 PM
I was having some problems with the original SSL Certificate that I created and bound to IIS, therefore, I deleted it and re-created it.
However, I had earlier used the certificate while configuring the ADFS 2.0 service and now when I look under the Certificates area for Service communications, I see the error message "Certificate not found in store" beneath the Service communications heading.
Now that I have installed the new certificate, I want to set the new Service communications certificate, however, when I click on the option for "Set Service Communications Certificate", I get the following error message "The certificate could not be processed. Error message: Object reference not set to an instance of an object."
Is there a way for me to set the new Service Communications certificate for ADFS either through the UI or through a PowerShell command? I have already configured everything in SharePoint to work with my ADFS Server, so I would hate to have to start all over from scratch again.
Friday, June 29, 2012 1:03 AM
Friday, June 29, 2012 12:55 PM
This is the error message that I get when I attempt to run this command:
Add-ADFSCertificate : Cannot validate argument on parameter 'CertificateType'. The argument "Service-Communications" does not belong to the set
"Token-Decrypting,Token-Signing" specified by the ValidateSet attribute. Supply an argument that is in the set and then try the command again.
Any other ideas?
Thursday, July 05, 2012 10:33 AM
I also recently encountered this problem. The only thing that helped me is reinstalling ADFS service (Uninstall from Server, restart, Install again). I have set up ADFS again, and only after this certificate has appeared.
- Marked As Answer by vs2010junkie Tuesday, July 10, 2012 7:51 PM
Wednesday, December 05, 2012 2:18 PM
I can confirm that the above is correct ("... The only thing that helped me is reinstalling ADFS service (Uninstall from Server, restart, Install again). I have set up ADFS again, and only after this certificate has appeared.").
I had tried the option with the PowerShell command before, as I simply wanted to avoid the extra time to demolish the AD FS 2.0 installation, but it simply did not work (same error message as above). Last but not least I decided to uninstall AD FS 2.0 - it was done so fast - no comparison to the amount of time I've spent before trying to get it fixed.
So - don't hesitate and simply take the easier approach - it's definitely worth it!
Tuesday, January 15, 2013 8:00 PM
To add the certificate, first make sure the certificate is installed in the certificate store for the computer account and that it has a private key. Right-click the cert, All Tasks > Manage Private Keys and make sure that the ADFS service account has read permission to the private key.
Open the certificate and copy the thumbprint.
Now open an elevated PowerShell console (run as administrator) and run the following commands:
Add-PsSnapin Microsoft.Adfs.PowerShell
Set-AdfsCertificate -CertificateType "Service-Communications" -Thumbprint "aa bb cc dd ..."
Replace "aa bb cc dd ..." above with the thumbprint from your own certificate
Finally, restart the ADFS 2.0 service.
- Proposed As Answer by Robin Gaal Wednesday, February 06, 2013 8:55 AM
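The steps from the last post above, combined into one script with the checks done before the certificate is set (an added example, not part of the original thread or any poster's code). It assumes the AD FS 2.0 Windows service is named adfssrv and that the private key is stored by a CSP under the MachineKeys folder; the -Thumbprint parameter is this script's own.

```powershell
# Added example: pre-flight checks, then Set-AdfsCertificate (AD FS 2.0 snap-in).
# Run from an elevated PowerShell console on the AD FS server.
param(
    [Parameter(Mandatory = $true)]
    [string]$Thumbprint   # as copied from the certificate's Details tab
)

# Keep hex digits only: drops the spaces and any invisible characters
# that come along when the thumbprint is copied out of the dialog.
$clean = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpper()
if ($clean.Length -ne 40) {
    throw "Expected a 40-character thumbprint, got $($clean.Length) characters."
}

# The certificate must be in the computer account's Personal store.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $clean }
if (-not $cert) { throw "Certificate $clean not found in Cert:\LocalMachine\My." }
if (-not $cert.HasPrivateKey) { throw "Certificate $clean has no private key." }
if ($cert.NotAfter -lt (Get-Date)) { throw "Certificate expired on $($cert.NotAfter)." }

# Show the account the service runs as (service name adfssrv is assumed).
$svc = Get-WmiObject Win32_Service -Filter "Name='adfssrv'"
Write-Host "AD FS service account: $($svc.StartName)"

# List who can read the private key file so the account above can be
# confirmed by eye. Works for CSP-stored keys only (assumption).
$keyName = $null
try { $keyName = $cert.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName } catch {}
if ($keyName) {
    $keyFile = Join-Path $env:ProgramData "Microsoft\Crypto\RSA\MachineKeys\$keyName"
    (Get-Acl $keyFile).Access |
        Format-Table IdentityReference, FileSystemRights, AccessControlType -AutoSize
} else {
    Write-Warning "Key file not located; check Manage Private Keys in the MMC instead."
}

# Load the snap-in if it is not already loaded, set the certificate, restart.
if (-not (Get-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction SilentlyContinue)) {
    Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction Stop
}
Set-AdfsCertificate -CertificateType Service-Communications -Thumbprint $clean
Restart-Service adfssrv
```

If the ACL table does not list the service account with read access, grant it through Manage Private Keys before running the script again.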