Install the SSL certificate on the server and note the certificate thumbprint.
Run the PowerShell command below to install it in ADFS, replacing the thumbprint with your own. Enter the thumbprint without spaces.
Set-AdfsSslCertificate -Thumbprint 'e5415105c8db76a659ea5ed23ac7d6fc8e9ebda8'
Under /etc/httpd/conf.d (RHEL-based OS), create a new .conf file. Change the port and add the SSL certificate and key paths. All requests made to the IP address will get a 403 Forbidden error, and requests to sub.example.com will be served from the directory /var/www/api.
Listen 9443

# All requests made to the IP address are handled in this section
<VirtualHost _default_:9443>
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
    SSLCertificateKeyFile /etc/ssl/certs/apache-selfsigned.key
    DocumentRoot /var/www/def
    # Return 403 Forbidden for every path
    Redirect 403 /
    UseCanonicalName Off
    UserDir disabled
</VirtualHost>

# Name-based requests
<VirtualHost *:9443>
    DocumentRoot /var/www/api
    ServerName sub.example.com
    ServerAdmin admin@example.com
    SSLEngine on
    SSLCertificateFile /etc/httpd/certs/cert.pem
    SSLCertificateKeyFile /etc/httpd/certs/key.pem
    <Directory /var/www/api>
        Options -Indexes +FollowSymLinks
        AllowOverride All
    </Directory>
    ErrorLog /var/log/httpd/sub.example.com-error.log
    CustomLog /var/log/httpd/sub.example.com-access.log combined
</VirtualHost>
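The 403-for-IP behaviour above depends on block order: when the Host header matches no ServerName, Apache uses the first virtual host listed for that address:port. The following Python check is an added example, not part of the original page; it runs against a constructed, trimmed copy of the two blocks, and its function names and sample strings are assumptions for illustration.

```python
import re

# Constructed sample: the page's two virtual hosts, trimmed to what the check reads.
CATCH_ALL = """<VirtualHost _default_:9443>
    DocumentRoot /var/www/def
    Redirect 403 /
</VirtualHost>
"""
NAMED = """<VirtualHost *:9443>
    DocumentRoot /var/www/api
    ServerName sub.example.com
</VirtualHost>
"""
PAGE_ORDER = "Listen 9443\n" + CATCH_ALL + NAMED
SWAPPED = "Listen 9443\n" + NAMED + CATCH_ALL  # same blocks, wrong order

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)

def parse_vhosts(conf):
    """Return the vhosts in file order as dicts: addr, names, denies_all."""
    vhosts = []
    for addr, body in VHOST_RE.findall(conf):
        lines = [ln.strip() for ln in body.splitlines()]
        lines = [ln for ln in lines if ln and not ln.startswith("#")]
        names = [tok.lower() for ln in lines
                 if re.match(r"Server(Name|Alias)\s", ln, re.I)
                 for tok in ln.split()[1:]]
        denies_all = any(re.fullmatch(r"Redirect\s+403\s+/", ln, re.I) for ln in lines)
        # Apache 2.4 documents _default_ as an alias for *, so treat them as one set.
        addr = addr.strip().replace("_default_", "*")
        vhosts.append({"addr": addr, "names": names, "denies_all": denies_all})
    return vhosts

def audit_fallback(conf):
    """Flag address:port sets whose first-listed vhost serves content."""
    # Apache picks the first vhost listed for an address:port when no
    # ServerName/ServerAlias matches the Host header (e.g. a request by IP).
    problems, seen = [], set()
    for vh in parse_vhosts(conf):
        first = vh["addr"] not in seen
        seen.add(vh["addr"])
        if first and not vh["denies_all"]:
            served = ", ".join(vh["names"]) or "unnamed vhost"
            problems.append(f"{vh['addr']}: unmatched hosts fall through to {served}")
    return problems

if __name__ == "__main__":
    for label, conf in (("page order", PAGE_ORDER), ("swapped", SWAPPED)):
        print(label, "->", audit_fallback(conf) or "OK")
```

On a live host, `httpd -S` prints the virtual host order Apache actually resolved, including which vhost is the default for each address:port.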
Country Name (2 letter code) [XX]:AE
State or Province Name (full name) []:Dubai
Locality Name (eg, city) [Default City]:DSO
Organization Name (eg, company) [Default Company Ltd]:My Company
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:My Company CA
Email Address []:me@mycompany.com
4. Create the index and serial files. Remove all lines from it if it already exists.
touch /etc/pki/CA/index.txt
echo '1000' > /etc/pki/CA/serial
If you don't have a CSR, run the commands below to create a certificate.