RE: ADFS Expiring Cert

Hello,
 
The token signing cert and the decrypting cert on my ADFS server are going to expire.  The token signing cert is the one that was imported into WebEx for SSO to work.  Does anyone know how to regenerate this token signing cert?
 
Thank you,
Rahul Patel

There are many methods available for generating a certificate that would work. WebEx SSO supports self-signed certificates as well as signed. Your best bet would be to generate a new certificate in the same way that you did originally. You will need to update your WebEx SSO configuration and your IdMS configuration with the new certificate once it is generated.

Hello Nathan,

So, I created a self-signed cert on the ADFS server.  Added it as a Token-Signing cert in the ADFS Management.  Marked it primary and then exported it.  Removed the cert from WebEx and installed the new one. This did not work for me.  Therefore, I reverted back.
Do I need to export the SAML metadata file and re-create relying party and the Claims Rules on the ADFS? 
 
Thank you,
Rahul Patel

A cert swap on both ends should be all that is necessary. Do you have any details on error messages received after the update? You may be better served contacting technical support with any available details, as SAML SSO is part of the base meeting service product and telephone-based support is immediate. You could also follow the configuration guide and reconfigure from scratch in case some setting is misconfigured; of course, back up your current configuration. If additional configuration assistance is still required, your account manager can schedule a meeting with the advanced services group to get everything set up.

Hello Nathan,
I was able to get this to work.  The AD FS service account needs to be able to manage the private key of the certificate. This can be accomplished through the MMC --> Certificates --> Computer snap-in. Right-click over the new certificate --> All Tasks --> Manage Private Keys and add the service account; I assigned Full Permissions.  I then exported the cert and imported it into WebEx.  Thanks for your help.
 
Rahul
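
Added example, not part of the original thread: a PowerShell equivalent of the "Manage Private Keys" step described in the post above, which first reports whether the service account already has access to the certificate's private key file. The thumbprint and account name are placeholders, and the script grants Read rather than the full permissions used in the post, on the assumption that read access is enough for the service.

```powershell
# Placeholders (assumptions): substitute your own values before running elevated.
$Thumbprint     = '<NEW-TOKEN-SIGNING-CERT-THUMBPRINT>'
$ServiceAccount = 'CONTOSO\svc-adfs'   # hypothetical AD FS service account name

# The certificate must be in the Local Computer "Personal" store with its private key.
$cert = Get-Item -Path "Cert:\LocalMachine\My\$Thumbprint" -ErrorAction Stop
if (-not $cert.HasPrivateKey) {
    throw "Certificate $Thumbprint has no private key on this machine."
}

# Resolve the on-disk key container name (CNG or legacy CSP key).
$rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
if ($rsa -is [System.Security.Cryptography.RSACng]) {
    $uniqueName = $rsa.Key.UniqueName
} else {
    $uniqueName = $rsa.CspKeyContainerInfo.UniqueKeyContainerName
}

# Machine keys live in one of these two folders depending on the provider.
$keyDirs = "$env:ProgramData\Microsoft\Crypto\Keys",
           "$env:ProgramData\Microsoft\Crypto\RSA\MachineKeys"
$keyFile = $keyDirs |
    ForEach-Object { Join-Path $_ $uniqueName } |
    Where-Object   { Test-Path $_ } |
    Select-Object -First 1
if (-not $keyFile) {
    throw "Key file '$uniqueName' not found (HSM or non-default key storage provider?)."
}

# Audit first: does the service account already have an Allow entry on the key?
$acl      = Get-Acl -Path $keyFile
$existing = $acl.Access | Where-Object {
    $_.IdentityReference.Value -eq $ServiceAccount -and $_.AccessControlType -eq 'Allow'
}

if ($existing) {
    Write-Output "$ServiceAccount already has: $($existing.FileSystemRights -join ', ')"
} else {
    # Grant Read only (assumption: sufficient for signing and decryption).
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $ServiceAccount, 'Read', 'Allow')
    $acl.AddAccessRule($rule)
    Set-Acl -Path $keyFile -AclObject $acl
    Write-Output "Granted Read on $keyFile to $ServiceAccount"
}
```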
