在 ADFS 中,要设置 SSL 证书,需要在服务器上安装 IIS。然后,为 IIS 绑定证书,将证书上传到 ADFS 服务器上,并更新 ADFS 网站的绑定。
以下是示例代码:
$cert = Get-ChildItem -Path cert:\LocalMachine\MY | ?{$.Subject -match "CN=MyCertificateName"} $thumbprint = $cert.Thumbprint cd iis:\SslBindings Get-ChildItem | ?{$.Thumbprint -eq $thumbprint} | Remove-Item -Recurse New-Item -Path IIS:\SslBindings\0.0.0.0!443 -Value $thumbprint
$certPath = "C:\MyCertificate.pfx" $password = "MyPassword"
$certificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certPath, $password)
$thumbprint = $certificate.Thumbprint
Set-AdfsSslCertificate -Thumbprint $thumbprint
Set-WebBinding -Name "ADFS - Default Web Site" -Protocol "https" -BindingInformation "*:443:" -PropertyName "CertificateThumbprint" -Value $thumbprint
注意,以上示例代码仅供参考,具体实现方法可能因环境不同而有所不同。
上一篇:ADFS问题-自动登录无法工作
下一篇:ADFS无法验证JWT的签名