Update SharePoint STS certificate

Renew the current self-signed certificate in IIS: open “Server Certificates”, right-click the current certificate and run “Create Self-Signed Certificate”. Then export the new certificate by right-clicking it.

Then run the following PowerShell script in PowerShell ISE with Administrator rights:

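# Load the SharePoint cmdlets (adjust the path if SharePoint is installed elsewhere)
. 'C:\Program Files\Common Files\microsoft shared\Web Server Extensions\15\CONFIG\POWERSHELL\Registration\SharePoint.ps1'
$pfxPath = "your file here.pfx"   # full path to the exported .pfx
$pfxPass = "your password here"
# Key storage flags 20 = Exportable (4) + PersistKeySet (16)
$stsCertificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $pfxPath, $pfxPass, 20
# Make the new certificate the STS signing certificate
Set-SPSecurityTokenServiceConfig -ImportSigningCertificate $stsCertificate
# certutil expects a file, not a certificate object: write the public certificate (no private key) to a .cer file first
$cerPath = [System.IO.Path]::ChangeExtension($pfxPath, ".cer")
[System.IO.File]::WriteAllBytes($cerPath, $stsCertificate.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert))
certutil -addstore -enterprise -f -v root $cerPath
# Restart the SharePoint Timer service
net stop SPTimerV4
net start SPTimerV4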

Please note that I assume things like the location of the PowerShell for SharePoint. If the script does not work, take care to find the correct path!
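
A check to run afterwards on the same server, as an added example that is not part of the original write-up: it compares the certificate in the PFX with the one the STS is now configured to sign with, and flags validity-date or trust-store problems. The helper name Test-StsCertificate and the 30-day warning window are assumptions made for this example; the placeholders are the same as in the script above.

```powershell
# Added example, not from the original write-up. Run on a farm server as Administrator.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$pfxPath = "your file here.pfx"       # placeholder: full path to the exported .pfx
$pfxPass = "your password here"       # placeholder

# Test-StsCertificate is a hypothetical helper name; it outputs one string per problem found.
function Test-StsCertificate {
    param(
        [Parameter(Mandatory=$true)] [System.Security.Cryptography.X509Certificates.X509Certificate2] $Expected,
        [Parameter(Mandatory=$true)] [System.Security.Cryptography.X509Certificates.X509Certificate2] $Active,
        [int] $WarnDays = 30          # assumed warning window before expiry
    )
    $now = Get-Date
    $problems = @()
    if (-not $Expected.HasPrivateKey) {
        $problems += "The PFX holds no private key, so it cannot be used for signing."
    }
    if ($Active.Thumbprint -ne $Expected.Thumbprint) {
        $problems += "STS still signs with $($Active.Thumbprint), expected $($Expected.Thumbprint)."
    }
    if ($Active.NotBefore -gt $now) {
        $problems += "Active certificate is not valid until $($Active.NotBefore)."
    }
    if ($Active.NotAfter -lt $now.AddDays($WarnDays)) {
        $problems += "Active certificate expires on $($Active.NotAfter)."
    }
    # Assumption: certificates added with 'certutil -addstore -enterprise root'
    # are visible in the machine's Root store view.
    if (-not (Test-Path "Cert:\LocalMachine\Root\$($Active.Thumbprint)")) {
        $problems += "Active certificate was not found in Cert:\LocalMachine\Root."
    }
    $problems
}

# Certificate we meant to install (from the PFX) and the one the STS reports
$expected = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $pfxPath, $pfxPass
$active   = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate

$problems = @(Test-StsCertificate -Expected $expected -Active $active)
if ($problems.Count -eq 0) {
    Write-Output "STS signing certificate $($active.Thumbprint) is in place, valid until $($active.NotAfter)."
} else {
    $problems | ForEach-Object { Write-Warning $_ }
}
```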

This short write-up was based on this TechNet post.

