SecureAuth IdP Version Affected: All
This article explains how to change the binding certificate in IIS. The binding certificate is used to secure HTTPS access to the IdP and is the certificate which shows when double clicking the padlock icon in browsers.
The binding certificate may need to be changed due to a change in the IdP FQDN or if the certificate expires.
1. Open IIS Manager on the IdP
2. In the left pane click on the machine name
3. In the middle pane double click "Server Certificates"
4. If the new certificate is a renewal of an existing certificate, go to the right pane and click "Enable Automatic rebind of Renewed Certificate"
5. Now click "Import..." in the right hand pane.
6. In the Import Certificate dialog, select the certificate and enter a password if the certificate is password protected. Leave the "Select certificate store" dropdown set to "Personal"
7. If Automatic rebind was enabled in step 4 and this is a renewed certificate then no further action is required however for certificate changes that are not renewals continue to the next step.
8. In the left hand pane, expand Sites, then click on "Default Web Site"
9. Now in the right hand pane click "Bindings..."
10. In the Site Bindings dialog, click "https", then Edit, then click "Select"
11. Choose the new certificate then click OK
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.