Set up ADFS for SAML

This procedure uses ADFS 2.0 and shows samportal.example.com as the ADFS website. Replace this with your ADFS website address.

Before you begin

Role required: admin

Procedure

  1. Log in to the ADFS 3.0 server and open the management console.
  2. Right-click Service and choose Edit Federation Service Properties.
  3. Confirm that the General settings match your DNS entries and certificate names.
  4. Browse to the certificates and export the Token-Signing certificate.
    1. Right-click the certificate and select View Certificate.
    2. Select the Details tab.
    3. Click Copy to File. The Certificate Export Wizard opens.
    4. Select Next.
    5. Ensure the No, do not export the private key option is selected, and then click Next.
    6. Select DER encoded binary X.509 (.cer), and then click Next.
    7. Select where you want to save the file and give it a name. Click Next.
    8. Select Finish. The instance requires this certificate to be in PEM format. You can convert it using client tools or online tools such as SSL Shopper.
  5. Use the DER/Binary certificate that you just created, and export it in Standard PEM format.
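
One way to do the conversion in step 5 locally with the Python standard library (an added example, not part of the original procedure). It also rejects files whose structure is not a certificate, such as a PFX or private key exported by mistake, and returns the SHA-1 thumbprint. The script name, the input file name and the constructed sample bytes are assumptions.

```python
import hashlib
import ssl
import sys

PEM_HEADER = b"-----BEGIN CERTIFICATE-----"
# Constructed placeholder with a certificate-shaped DER outline (not a real certificate).
SAMPLE_DER = bytes([0x30, 0x82, 0x01, 0x00, 0x30]) + bytes(255)


def _outer_sequence(der):
    """Return (header_len, content_len) of the outer DER SEQUENCE."""
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    first = der[1]
    if first < 0x80:                      # short-form length
        return 2, first
    n = first & 0x7F                      # long form: n length bytes follow
    if n == 0 or n > 4 or len(der) < 2 + n:
        raise ValueError("unsupported or truncated DER length")
    return 2 + n, int.from_bytes(der[2:2 + n], "big")


def cer_to_pem(data):
    """Convert an exported .cer to PEM; return (pem_text, sha1_thumbprint)."""
    if data.lstrip().startswith(PEM_HEADER):
        # The file was exported as Base-64 rather than DER: normalise to DER first.
        data = ssl.PEM_cert_to_DER_cert(data.decode("ascii").strip())
    header, length = _outer_sequence(data)
    if header + length != len(data):
        raise ValueError("truncated file or trailing bytes")
    # A certificate's first inner element is the tbsCertificate SEQUENCE (0x30).
    # PKCS#12 and private-key structures start with an INTEGER version (0x02).
    if length == 0 or data[header] != 0x30:
        raise ValueError("not an X.509 certificate (possible PFX or private key)")
    thumbprint = hashlib.sha1(data).hexdigest().upper()
    return ssl.DER_cert_to_PEM_cert(data), thumbprint


if __name__ == "__main__":
    # Usage: python cer_to_pem.py adfs-token-signing.cer  (file name is hypothetical)
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_DER
    pem, thumbprint = cer_to_pem(raw)
    print("SHA-1 thumbprint:", thumbprint)
    print(pem, end="")
```

Compare the printed thumbprint, ignoring case and spaces, with the Thumbprint field on the certificate's Details tab before supplying the PEM to the instance.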