vendredi 21 février 2014

[Remote Access] Update your public certificate used by Web Application Proxy


Recently on my Lab environment I need to update my public certificate used by my Web Application Proxy (WAP) server.


In order to do this I open the Remote Access console and unfortunately there's no option to specify the new certificate to use.

So I decide to use PowerShell applying what Microsoft said: "if you can't do it in GUI so you could make it in PowerShell".

I first found the Set-WebApplicationProxySslCertificate cmdlet and I try it in confident to success.

By doing this the AD FS Proxy publication hosted on WAP stopped to work, while investigated with the Set-WebApplicationProxySslCertificate cmdlet I found that the association disappeared:

Paradoxically the URA console said that everything goes fine and working well:

So I decided to try the cmdlet Install-WebApplicationProxy used by the Wizard when deploying WAP, with the parameters to provide the certificate to use and the AD FS server to contact:

As if by magic:
  • The association and my AD FS Proxy come back
  • The publication works again :)
  • And all my others publication still there (because stored on the AD FS)
Morality of this story: take care of the PowerShell cmdlets used and always try them on the test environment to avoid problems on the production :)

Aucun commentaire:

Publier un commentaire