In my last post I wrote about a PowerShell script that can be used to automatically update the token signing certificate in the ADFS trusted providers.
This project aims to solve this problem by creating a custom timer job that will download the ADFS federation metadata and check if the primary token signing certificate has changed. If it has changed, then it'll udpate SharePoint with the new certificate.
The project currently includes:
- A custom timer job definition.
- A custom admin page in Central Administration that allows an admin to select which providers to update.
- Custom ULS logging.
You can find the code in the following Github project: https://github.com/jesusfer/ADFSCertificateUpdater