Renew the current self-signed certificate using IIS via “Server Certificates”, right-clicking on the current certificate and running the “Create Self-Signed Certificate”. Export this new certificate by right-clicking it.
Then run the following PowerShell script using PowerShell ISE with Administrator rights;
.'C:\Program Files\Common Files\microsoft shared\Web Server Extensions\15\CONFIG\POWERSHELL\Registration\SharePoint.ps1' $pfxPath = "your file here.pfx" $pfxPass = "your password here" $stsCertificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $pfxPath, $pfxPass, 20 Set-SPSecurityTokenServiceConfig -ImportSigningCertificate $stsCertificate certutil -addstore -enterprise -f -v root $stsCertificate iisreset net stop SPTimerV4 net start SPTimerV4
Please note that I assume things like the location of the PowerShell for SharePoint. If the script does not work take care to find the correct path!
This short write-up was based on this TechNet Post