Step 1: Service Configuration

Open AD FS Management Tool.

For testing purposes you can generate a self-signed SSL certificate. This certificate should only be used for testing. It will not be correctly validated by any browser.

$ openssl genrsa -out server.key 2048
$ openssl req -new -x509 -key server.key -out server.cert -days 3650 -subj /CN=\fs.customer.com
$ openssl pkcs12 -export -in server.cert -inkey server.key -out server.p12
Enter Export Password:
Verifying - Enter Export Password:

Specify a domain user account or a group under which the Service is running