The last blog was about planning for ADFS and what questions you should be asking when deploying it.
I said that the next blog would be about what conversations and questions you should have with the application owners. After some thought, I’ve changed my mind and decided to write about certificate planning. During almost every ADFS deployment I’ve been a part of, most of the conversations and planning revolve around certificates so I figured we should take some time to talk about this. ADFS relies heavily on public/private key certificate so if you’re not already familiar certificates, deploying ADFS will quickly get you re-acquainted. Like I’ve mentioned before, ADFS is a service that will need to grow with your organization’s needs and so proper planning is also required for certificates to ensure they will meet your growing needs and requirements.
The funny thing about certificates is that almost anything goes. For example, installing ADFS is really black and white – you either install it or you don’t. With certificates, there are so many options for deploying them that many customers forget the basics about public/private certificate signing and encryption. Like most things, certificates are mostly 90% planning and 10% execution.