One of my customers had to update their SSL certificate used by their CRM 2011 IFD environment. Below are the steps we took to apply the new SSL certificate –
1) Add the new certificate to the ADFS server
- Import the new certificate to the ADFS server
- Grant the ADFS App Pool account “Full” permission to the new certificate
- Also grant the CRM App Pool account “Read” permission to the new certificate
- Bind the new certificate to the ADFS website
2) Add the new certificate to the CRM Server
- Import the new certificate to the CRM server
- Grant the CRM App Pool account “Read” permission to the new certificate
- Bind the new certificate to the CRM website
3) Reconfigure Claims Based Authentication in Deployment Manager on the CRM Server to use the new certificate.
4) On the ADFS server, update all the Relying Party Trusts used by CRM.
5) Perform and IIS Reset on the ADFS and CRM servers.
NOTE: It might help to delete/remove and un-bind the old certificate from the ADFS and CRM Servers as well.