When you need to replace an expired SSL certificate on a Presentations 2Go server, you need to take some special precautions when your server uses SAML or ADFS authentication.


  1. Replace the certificate in IIS
  2. Change the private key permissions to allow access for network service account
    1. Start the management console (mmc) and add the certificates Snapin.
    2. File/Add-Remove Snapin/Certificates/Computer Account/Local Computer/
    3. Navigate to /Personal/Certificates; choose the certificate and right click to select All Tasks/Manage Private keys and add Network Service





  1. Search for the subject in the new ssl certificate and if that’s different than the previous subject, update it in the web.config file in c:\inetpub\wwwroot\p2g
    1. <SigningCertificate findValue="CN=*.presentations2go.eu, OU=Domain Control Validated, O=*.presentations2go.eu" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName" />
    2. The find value should contain 1 space character between the comma and next value. See green highlights above