This content has been archived and is no longer being maintained.

Table of Contents


Replacing an encryption certificate for Active Directory Federation Services

With the Pega® Robotic Automation Deployment Portal, you can use an Active Directory Federation Services (AD FS) server to provide security tokens for implementing single sign-on. To avoid service interruption, you should replace the encryption certificate as required by Pega Support.

To replace an authority encryption certificate, complete the following tasks:

Downloading the certificate

  1. Download the authority encryption certificate
  2. Open a web browser and go to the website. The Authority Server webpage displays.
  3. To download the certificate, click Authority SSL certificate.
The certificate has the following serial number:‎ ‎00 f7 06 b1 11 d0 5d eb 7e

Importing the certificate

After you finish downloading the certificate, import the certificate by using the AD FS console, which is installed when you install AD FS.

  1. From the Start menu, in the Search Programs and File field, type Admin, and then click Administrative Tools > Active Directory Federation Services.
  2. Click Relying Party Trusts.
  3. Right-click the relying party trust setup for OpenSpan and click Properties.
  4. Click the Encryption tab.
  5. Click Browse and select the authority certificate that you downloaded in the previous task. Click Open.
  6. Verify that the subject is and that the expiration date is 1/25/2021.
  7. Click Apply. The warning that the encryption certificate will expire within thirty days disappears.
  8. Click OK.

The system replaces the AD FS encryption certificate.

If Pega Robotic Automation Runtime cannot authenticate, contact Pega Robotic Automation Support.

Continue with Setting up the Certificate Revocation List.


Published June 7, 2017 — Updated July 6, 2018

100% found this useful

Have a question? Get answers now.

Visit the Pega Support Community to ask questions, engage in discussions, and help others.