This is how to renew the Certify Certificate required for Single Sign On.
1. Get Administrator rights to Certify
- Click the Gear in the Upper Right corner of the screen.
- In the "View & Edit Integrations" section click on Configure Single Sign-On
- Click the hyperlink "Download our Metadata"
A file will download called federationmetadata.xml
2. Copy federationmetadata.xml to \\USKIADFS3\Misc ADFS Files\
3. Remote into USKIADFS3
- Open Powershell with Admin rights
- Run this command: Update-AdfsRelyingPartyTrust -TargetName 'Cert' -MetadataFile 'C:\Misc ADFS Files\federationmetadata.xml'
- Open AD FS and browse to Relying Party Trusts and Click on 'Cert'
- In the Actions section click on Refresh
- Right-Click on 'Cert' and choose Properties
- Click on the Encryption tab and verify the Expiration data has updated.
- Click on the Identifiers tab and verify both entries exist:
4. Certificate Tracker
- Go to: IT System Portfolio - Certificate Tracker - All Items (sharepoint.com)
- Find the entry for Certify and update the Expiration date.
5. Rename federationmetadata.xml located in Misc ADFS Files to Certify_(Year), e.g. Certify_2024