To make AD FS accessible from outside the corporate network, we can deploy one or more web application proxies for AD FS. Starting with Windows Server 2012, the role of a federation server proxy is handled by a new Remote Access role service called Web Application Proxy.
Installing wildcard certificate
Web Application Proxy requires a SAN SSL certificate; in this example I used a wildcard certificate.
A SAN certificate allows multiple domain names to be protected with a single certificate. For example, we install a certificate for test.com, and then add more SAN values to have the same certificate protect test.org and test.net.
A wildcard certificate allows unlimited subdomains to be protected with a single certificate. We can use a wildcard certificate for the domain name test.com, and that cert would also work for mail.test.com, ftp.test.com and any other subdomain.
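The following check is an added example, not part of the original post: it reports which host names each certificate in the local computer's Personal store actually covers. A wildcard entry stands for exactly one left-most label, so `*.test.com` covers `mail.test.com` but not `a.mail.test.com` or the bare `test.com` unless those are listed as SAN values. The host names in `$required` (including `adfs.test.com`) and the function name `Test-CertNameMatch` are constructed for illustration.

```powershell
# Added example. Host names are constructed placeholders; replace them with
# the names your proxy must answer for.
function Test-CertNameMatch {
    param(
        [Parameter(Mandatory)][string]$HostName,
        [Parameter(Mandatory)][string[]]$DnsName
    )
    $hostLabels = $HostName.ToLowerInvariant().TrimEnd('.').Split('.')
    $full = $hostLabels -join '.'
    # Everything after the first label, e.g. "test.com" for "mail.test.com".
    $rest = ($hostLabels | Select-Object -Skip 1) -join '.'

    foreach ($name in $DnsName) {
        $pattern = $name.ToLowerInvariant().TrimEnd('.')
        if ($pattern -eq $full) { return $true }          # exact SAN match
        # A wildcard is honoured only as the whole left-most label and
        # matches exactly one label, never zero and never several.
        if ($pattern.StartsWith('*.') -and $rest -ne '' -and
            $rest -eq $pattern.Substring(2)) {
            return $true
        }
    }
    return $false
}

$required = 'adfs.test.com', 'test.com', 'a.mail.test.com'   # constructed

Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
    $cert  = $_
    # DnsNameList is added by the PowerShell certificate provider (3.0+).
    $names = @($cert.DnsNameList | ForEach-Object { $_.Unicode })
    if ($names.Count -eq 0) { return }                    # no DNS names, skip
    foreach ($h in $required) {
        [pscustomobject]@{
            Thumbprint    = $cert.Thumbprint
            HostName      = $h
            Covered       = Test-CertNameMatch -HostName $h -DnsName $names
            HasPrivateKey = $cert.HasPrivateKey           # needed to serve TLS
            NotAfter      = $cert.NotAfter
        }
    }
} | Format-Table -AutoSize
```

With only `*.test.com` in the certificate, the `adfs.test.com` row shows `Covered` as `True` and the other two rows show `False`.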
On the server that will be the Web Application Proxy, open an MMC console and add the Certificates snap-in for the Local computer.
Expand the Personal folder and right-click Certificates…