Perform these steps to update the AD FS SSL certificate with a few simple clicks on all AD FS servers and Web Application Proxy servers in the Azure AD Connect-managed AD FS farm:

1. Select the Update AD FS SSL certificate ribbon.
2. Click Next.
3. On the Connect to Azure AD screen, enter the credentials of an account in Azure AD that has been assigned the Global administrator role.
4. On the Connect to AD FS screen, enter the credentials for an account that is a member of the Enterprise Admins group.
5. On the AD FS servers screen, check that all AD FS servers are present. Use the Add button to add missing AD FS servers. Use the Remove link next to the AD FS servers that are offline or no longer part of the AD FS farm. ...