Remove a Federation Service Proxy (FSP) certificate from the trust policy

Applies To: Windows Server 2003 R2

When a new client authentication certificate has been added to a server that is running the Federation Service Proxy component of Active Directory Federation Services (ADFS), or when you remove a federation server proxy from a server farm, the public portion of the client authentication certificate (the FSP certificate) must be removed from the trust policy of the Federation Service.

Perform the following procedure on a federation server to remove an FSP certificate from the trust policy.

Administrative credentials

To complete the procedure in this topic, you must be a member of the Administrators group on the local computer.

To remove a Federation Service Proxy authentication certificate

1. Click Start, point to Administrative Tools, and then click Active Directory Federation Services.

2. Double-click Federation Service, right-click Trust Policy, and then click Properties.

3. Click the FSP Certificates tab.

4. Click the certificate that you want to remove, and then click Remove, and then click OK.