How to Update SSL Certificates for AD FS 3.0 in CRM IFD IntroductionMicrosoft Dynamics CRM can be configured to use SSL (Secure Sockets Layer). For this to work, an SSL certificate is required.Certificates can be purchased from certificate providers and will expire after a certain period of time. Once this time has elapsed, Microsoft Dynamics CRM will no longer work until the certificate is updated.This article describes the process to update the certificate for Microsoft Dynamics CRM Installing the new certificateYou will need to import your certificate into the local certificate store on each CRM server that uses web services, and the AD FS server if claims-based authentication is enabled.Instructions on how to import a certificate can be obtained from your certificate provider.Note: Problems may occur if you do not remove the old certificate. Add permission to the certificateIt is necessary to grant specific permissions to the certificate to allow service accounts access.The following steps show how to add permissions to the certificate. Open the Certificate Console on the server. Check out the for help. Navigate to (Local Computer) Personal Certificates.
Gone are the days where an admin could generate a 3/4/5-year SSL certificate for their ADFS deployments. Now you can look forward to this being an annual ritual (or every two years at best).This blog post aims to help simplify the process by outlining the high-level steps that are required to provision and replace the certificate for your ADFS deployment. Specifically, you need to assign full control to the ADFS service account. If you are using a managed service account be sure to scope your search for that when assigning permissions. Now you’ll want to bounce over to the ADFS Console to “Set Service Communications Certificate” You can do this via PowerShell as well.