Forum Discussion
ADFS 3.0 new token-signing cert not in federationmetadata
- Nov 13, 2017
Apologies... failed to post an update after we resolved it.
Ended up having to reboot the ADFS servers. Cycling the ADFS service wasn't enough. Likely some other internal issue that needs to be looked at, and will, but this specific problem with the metadata is resolved.
- Martin Achleitner (Copper Contributor), Jan 02, 2018
Hello,
We have a similar issue with our federationmetadata.xml.
We generated new token signing and encryption certificates on Dec. 22, 2017, but just the token signing certificate appears in the federationmetadata.xml, which is very strange.
The ADFS servers were restarted a few days after the certificate generation by an automatic reboot after installing Windows updates.
Here is the output of the web-request command:
PS C:\WINDOWS\system32> $metadata = Invoke-WebRequest -Uri "https://server.domain.com/federationmetadata/2007-06/federationmetadata.xml"
([XML] $metadata.Content).EntityDescriptor.RoleDescriptor.KeyDescriptor

use        KeyInfo
---        -------
encryption KeyInfo
signing    KeyInfo
signing    KeyInfo

Does anyone have an idea why the new token encryption certificate is not in the federationmetadata?
Best regards
Martin
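
The command in the post above prints only the `use` attribute of each KeyDescriptor, so it does not show which certificate each row carries. As an added example (not part of the thread), this PowerShell decodes every published certificate and lists its role, subject, thumbprint and expiry. The sample metadata, subjects and entityID are constructed, and the in-memory certificate generation assumes PowerShell 5+ with .NET Framework 4.7.2+ or PowerShell 7.

```powershell
# Added example, not from the thread. Sample certificates are generated in memory
# (needs PowerShell 7 or .NET Framework 4.7.2+); all names below are constructed.
function New-SampleCertBase64([string]$Subject) {
    $rsa = [System.Security.Cryptography.RSA]::Create(2048)
    $req = [System.Security.Cryptography.X509Certificates.CertificateRequest]::new(
        $Subject, $rsa, [System.Security.Cryptography.HashAlgorithmName]::SHA256,
        [System.Security.Cryptography.RSASignaturePadding]::Pkcs1)
    $now = [DateTimeOffset]::UtcNow
    [Convert]::ToBase64String($req.CreateSelfSigned($now, $now.AddYears(1)).RawData)
}

# Decode every KeyDescriptor so each 'use' row shows which certificate it carries.
function Get-MetadataCertificate {
    param([Parameter(Mandatory)][xml]$Metadata)
    $ns = [System.Xml.XmlNamespaceManager]::new($Metadata.NameTable)
    $ns.AddNamespace('md', 'urn:oasis:names:tc:SAML:2.0:metadata')
    $ns.AddNamespace('ds', 'http://www.w3.org/2000/09/xmldsig#')
    foreach ($kd in $Metadata.SelectNodes('//md:KeyDescriptor', $ns)) {
        $b64  = $kd.SelectSingleNode('ds:KeyInfo/ds:X509Data/ds:X509Certificate', $ns).InnerText
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new(
            [Convert]::FromBase64String($b64))
        # RoleDescriptor elements are told apart by xsi:type; others by element name.
        $type = $kd.ParentNode.GetAttribute('type', 'http://www.w3.org/2001/XMLSchema-instance')
        [pscustomobject]@{
            Role       = if ($type) { $type } else { $kd.ParentNode.LocalName }
            Use        = $kd.GetAttribute('use')
            Subject    = $cert.Subject
            Thumbprint = $cert.Thumbprint
            NotAfter   = $cert.NotAfter
        }
    }
}

# Constructed metadata: one encryption key and two signing keys in one RoleDescriptor.
$kdXml = '<KeyDescriptor use="{0}"><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">' +
         '<X509Data><X509Certificate>{1}</X509Certificate></X509Data></KeyInfo></KeyDescriptor>'
[xml]$sample = @"
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706"
    entityID="http://sts.example.test/adfs/services/trust">
  <RoleDescriptor xsi:type="fed:SecurityTokenServiceType">
    $($kdXml -f 'encryption', (New-SampleCertBase64 'CN=Sample Encryption'))
    $($kdXml -f 'signing',    (New-SampleCertBase64 'CN=Sample Signing A'))
    $($kdXml -f 'signing',    (New-SampleCertBase64 'CN=Sample Signing B'))
  </RoleDescriptor>
</EntityDescriptor>
"@
Get-MetadataCertificate $sample | Format-Table -AutoSize
```

Against a live server, pass the parsed `$metadata.Content` from the post's `Invoke-WebRequest` call instead of `$sample`, then compare the Thumbprint column with the output of `Get-AdfsCertificate` on the AD FS server.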