Ron-4804 avatar image
0 Votes"
Ron-4804 asked ·

ADFS Multiple certificates from "Microsoft PolicyKeyService Certificate Authority"

Recently I start receiving that certificates on our ADFS server are about to expire.
So first I looked in the ADFS management console, Service, Certificates.
But all certificates like Service Communications, Token-decrypting and Token-signing are up-to-date.

So I start looking at the local certificate store, to find out all the certificates are all issued by CN=Microsoft PolicyKeyService Certificate Authority.
And there are a lot of them!

When I searched the web I did found out that they have something to do with the Health service. There are just a few similar cases, but none of them answer my questions, hopefully they will be answered here.

  1. Is there an option to renew them manually to get rid of the expiration warning events?

  2. Why are there so many certificates?

  3. Is it safe to remove them once they expire?

I hope somebody can help me on this issue.

10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

0 Answers