Last active
September 30, 2019 13:33
-
-
Save joerodgers/dfc9c0e713100e60c517c28c06841a45 to your computer and use it in GitHub Desktop.
PS use to setup cross farm trust service application
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://docs.microsoft.com/en-us/sharepoint/administration/exchange-trust-certificates-between-farms#managing-trust-certificates-by-using-powershell | |
| # 2016 - export the root certificate from the publishing farm | |
| $2016Root = (Get-SPCertificateAuthority).RootCertificate | |
| $2016Root.Export("Cert") | Set-Content "F:\Data\2016Root.cer" -Encoding byte | |
| # 2013 - import the root certificate and create a trusted root authority on the consuming farm | |
| $2016Root = Get-PfxCertificate "F:\Data\2016Root.cer" | |
| New-SPTrustedRootAuthority "SharePoint 2016 Root" -Certificate $2016Root | |
| # 2013 - export the STS certificate from the consuming farm | |
| $2013STS = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate | |
| $2013STS.Export("Cert") | Set-Content "F:\Data\2013STS.cer" -Encoding byte | |
| $2013Root = (Get-SPCertificateAuthority).RootCertificate | |
| $2013Root.Export("Cert") | Set-Content "F:\Data\2013Root.cer" -Encoding byte | |
| # 2016 - import the root certificate and create a trusted root authority on the publishing farm | |
| $2013Root = Get-PfxCertificate "F:\Data\2013Root.cer" | |
| New-SPTrustedRootAuthority "SharePoint 2013 Root" -Certificate $2013Root | |
| $2013STS = Get-PfxCertificate "F:\Data\2013STS.cer" | |
| New-SPTrustedServiceTokenIssuer "SharePoint 2013 STS" -Certificate $2013STS |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment