First of all start by installing the new SSL on the computer-account on the Microsoft ADFS- and WAP-server. Do not mark the private key as exportable.
Then open a PowerShell as administrator and check the thumbprint on the new SSL-cert by typing:
dir Cert:\LocalMachine\My\
![](https://dagfriden.se/wp-content/uploads/2021/12/image.png)
Copy the thumbprint on the new cert and then run: Set-AdfsCertificate -Thumbprint “ReplaceWithThumbprint”
![](https://dagfriden.se/wp-content/uploads/2021/12/image-1.png)
Then restart the ADFS service: Restart-Service adfssrv
Then head over to the WAP-server and issue the following command:
Set-WebApplicationProxySslCertificate -Thumbprint “ReplaceWithThumbprint”
Then restart the WAP service: Restart-Service adfssrv