ADFS SSL Certificate: What is the purpose of the secondary certificate?

In the ADFS, you have a primary and secondary certificate. In the link https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/design/certificate-requirements-for-federation-servers, they mentioned that you can have multiple token-signing certificate configured but only the primary token-signing certificate is used by the ADFS to actually sign tokens.

Is the only purpose of the secondary certificate is to allow auto cert rollover to avoid manual intervention after the current certificate expires at the ADFS end?

Solution

Correct, during the rollover period the secondary certificate is available to give the RP etc. time to update.

The secondary is then promoted to primary and the original primary is deleted.

What is the default location for certificates created using "dotnet dev-certs https"
PowerBI currently broken with BigQuery: Simba driver issue with windows update
How to resolve "fpclassify': ambiguous call to overloaded function
How do I make windll.user32.SetWinEventHook work?
How to use JpegTran to recursively process all images, overwriting them, in a directory using Windows?
How to Set Up & Use Jpegtran with Windows
Switching between different JDK versions in Windows
Unable to backup firebird database file locked
How do I get the dimensions (resolution) of each display?
Installation appears to be corrupt [Unsupported] - Visual Studio Code
How to run a PowerShell script
How do I check if my executable is running for a service or for a normal program?
FPS drop in maximized/fullscreen window using DirectX12
MacOS Sequoia keyboard shortcut to move a window between different screens
Any free libraries to send/receive SMS, send/receive Calls using GSM Modem?
How to set “run only if logged in” and “run as” with TaskScheduler in C#?
How to use DeviceCapabilities() DC_BINNAMES in C++/CLI
buildbot on windows as a service
Stopping Vmmem from using RAM
Capturing git commit date (--format=%ci) in a Windows batch file?
Port 8005 is used By Windows 10 System Process
synthesizer in windows sounds much better than in linux (python and pyttsx3)
How to use the shortcut extension on Windows 10, using msix
Why can't processes address 4GB of memory in 32-bit systems?
Is there any way to sniff named pipe traffic in Windows?
Generate name for Named Pipe
How to write txt file at same file path but preventing window to update notepad display
Using GSL on Windows (compiling, linking, ect). A Step by Step Guide
Opening VS Code from the command line with directory path (with spaces) as an argument doesn't open the directory
Access denied while using ObRegisterCallbacks from Windows Driver Kit