Monday, March 18, 2013

How to replace default SharePoint STS certificate

Scenario: How to replace default SharePoint STS certificate
Solution:
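$certPrkPath = "<path to replacement certificate (.pfx file)>"   # the .pfx file that holds the replacement certificate

$stsCertificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $certPrkPath, "<replacement certificate password>", 20   # 20 = X509KeyStorageFlags Exportable (4) + PersistKeySet (16)

Set-SPSecurityTokenServiceConfig -ImportSigningCertificate $stsCertificate -Confirm:$false   # import as the STS signing certificate without prompting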

The above script replaces the default STS certificate on all AP and FE servers in the SharePoint farm and places it in the SharePoint trusted root authority in the MMC console of all AP and FE servers.
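
A pre-flight and post-import check to run around the script above. This is an added example, not part of the original post. The function names and the 30-day margin are assumptions, and it is meant to run in the SharePoint Management Shell on a farm server.

```powershell
# Added example: inspect the replacement PFX before importing it.
function Test-StsReplacementPfx {
    param(
        [Parameter(Mandatory = $true)] [string] $PfxPath,
        [Parameter(Mandatory = $true)] [System.Security.SecureString] $PfxPassword,
        [int] $MinDaysValid = 30   # assumed margin; align with your renewal policy
    )
    # Default key storage flags: the private key is not persisted for this inspection.
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $PfxPath, $PfxPassword
    try {
        $now = Get-Date
        $problems = @()
        if (-not $cert.HasPrivateKey) { $problems += 'PFX contains no private key' }
        if ($cert.NotBefore -gt $now) { $problems += "Not valid until $($cert.NotBefore)" }
        if ($cert.NotAfter -lt $now.AddDays($MinDaysValid)) {
            $problems += "Expires $($cert.NotAfter), inside the $($MinDaysValid)-day margin"
        }
        [pscustomobject]@{
            Thumbprint = $cert.Thumbprint
            Subject    = $cert.Subject
            NotAfter   = $cert.NotAfter
            Problems   = $problems
        }
    }
    finally { $cert.Reset() }   # release the certificate and its key handle
}

# Added example: confirm the farm's STS now signs with the expected certificate.
function Test-StsActiveCertificate {
    param([Parameter(Mandatory = $true)] [string] $ExpectedThumbprint)
    $active = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate
    if ($active.Thumbprint -ne $ExpectedThumbprint) {
        Write-Warning "STS signs with $($active.Thumbprint), expected $ExpectedThumbprint"
        return $false
    }
    return $true
}

# Usage (placeholders as in the post):
#   $pw    = Read-Host -AsSecureString 'PFX password'
#   $check = Test-StsReplacementPfx -PfxPath '<path to replacement certificate (.pfx file)>' -PfxPassword $pw
#   if ($check.Problems) { $check.Problems; throw 'Replacement certificate failed pre-flight checks' }
#   ... run the import from the post ...
#   Test-StsActiveCertificate -ExpectedThumbprint $check.Thumbprint
```

Reading the password with Read-Host -AsSecureString keeps it out of the script file and the console history, unlike the plain-text string used in the import call.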