"One of your on-premises Federation Service certificates is expiring. Failure to renew the certificate and update trust properties within 5 days will result in a loss of access to all Office 365 services for all users"
I checked my ADFS server i.e. Windows Server 2008 R2, ADFS 2.0 management, Service -> Certificates
The Token-signing shows: expiration date: 16/10/2018
it does not make sense at all, as today is 26/09/2018, the O365 portal says I have only 5 days left which would be on the 1/10/2018, and the Token-signing cert due date is 16/10/2018.
Can anyone shed a light on my issue, that would be really appreciated.
Its very simple, Microsoft wants you to be safe and avoid a resume and generating event, so they make a 30 day. This makes the warning and automatic renewal overlap by 5 days to make sure you have enough time to update Office 365 before the old certificate expires.
Expiration minus 45 days – Issue federation certificate expiration warning in the Portal
Expiration minus 20 days – automatically renew a token-signing certificate
Expiration minus 19 days – scheduled task updates Office 365 with a new token-signing certificate.