A question regarding token signing cert manual update. Some articles mention enabling auto rollover then generate the cert and then disable auto rollover. Is that the correct procedure (currently auto rollover is set to false)?
Also, when two certs are present with the current one as primary and the renewed as secondary, will the relying party trust me able to connect through the new cert/thumbprint or does the new one have to set up as primary for that?
Any pointers to how this needs to be updated in WAP? Microsoft document talked about renewal and didn't have reference to wap.
Thanks!