Update Federation Trust Certificate

Almost five years ago, I had set this up. I realized the cert is about to expire. I only have on test account on prem, everything else is in the cloud.

Oauth is set up and we do have token based auth.

I followed the steps to generate a new self signed cert, everything looks good even the text file in DNS.

The issue is, when I run set-federationtrust - identity "Microsoft Federation Gateway -publishfederationcertificate, I get the following error.

[FailureCategory=Cmdlet-Live

   DomainServicesException] 2B0D1031,Microsoft.Exchange.Management.SystemConfigurationTasks.SetFederationTrust

    + PSComputerName I have search and and tried several things for TLS 1.2

Enforcing TLS 1.2 on Windows 2019 via the reg

Windows Registry Editor Version 5.00

enforce SchUseStrongCrypto

Force Powershell to run tls1.2

I had to remove some of the verbage - i think the forum does not like it.

Does anyone have any ideas
Thanks
Paul