"One of your on-premises Federation Service certificates is expiring" message in Microsoft 365 portal
Problem
You receive the following message in the Microsoft 365 portal:
One of your on-premises Federation Service certificates is expiring. Failure to renew the certificate and update trust properties within 13 days will result in a loss of access to all Office 365 services for all users.
Cause
The Secure Sockets Layer (SSL) certificate or the token-signing certificate is about to expire. You may receive this message even if automatic certificate rollover is enabled for the token-signing certificate.
Solution
To resolve this issue, follow these steps:
- Install the Microsoft Azure Active Directory module for Windows PowerShell on the computer (if the module isn't already installed).
- Follow the steps in the "Scenario 1: The AD FS token-signing certificate expired" section in "There was a problem accessing the site" error from AD FS when a federated user signs in to Microsoft 365, Azure, or Intune.
- Follow the steps in How to update or repair the settings of a federated domain in Microsoft 365, Azure, or Intune .
More information
Still need help? Go to Microsoft Community.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for