The PowerShell script created by the SharePoint connection wizard accommodates the following certificates:
The trusted identity provider requires that all certificates in the certificate chain are included. If an intermediate certificate authority signed your certificate instead, modify the PowerShell script to include both certificate authority certificates.
The following illustration describes the differences between the default PowerShell script, and a PowerShell script that accommodates multiple certificate-authority certificates:
Follow these steps:
$rootcert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("<full path to Root certificate file>") New-SPTrustedRootAuthority -Name "<Trusted root authority name>" -Certificate $rootcert
Change this value: |
To this value: |
$rootcert |
$rootcert2 |
<full path to Root certificate file> |
<full path to additional certificate authority certificate file> |
<Trusted root authority name> |
Name of the additional trusted root authority |
The PowerShell script is modified.
Copyright © 2013 CA.
All rights reserved.
|
|