Hi! Today I will talk about something that happens recently in one of our O365 deployments. We renewed our SSL certificates in our ADFS server, but when any administrator user Access to the O365 portal they were receiving the following alert inside the poertal:
Renew your certificates
One of your on-premises Federation Service certificates is expiring. Failure to renew the certificate and update trust properties within XX days will result in a loss of access to all Office 365 services for all users
Solution: This error can be caused if any of the three primary SSL Certificates that are required to federate to an external identity are nearing their experation date. In this case we know that this was a false positive, and automatically the certificate in the O365 tenant will be replaced, but some people at o our company were complaining about this message, so we decided to force to update the certificate.
So once again, we need some powershell to do that, let’s start
Open up the Windows Azure Active Direcotry Module for Windows PowerShell as an administrator.
Execute the following command: Connect-MsolService and enter your Office 365 administrator credentials
Execute the following command: Update-MsolFederatedDomain -DomainName yourdomain.com -SupportMultiDomain
Is it necessary to replace “yourdomain.com” with your federated domain. In case you have multiple domains you are federating with Office 365, add the optional -SupportMultiDomain parametyer as well.
Hope it helps!