let’s cross it up – cross-farm services in sharepoint 2010

$rootCert = (Get-SPCertificateAuthority).RootCertificate

$rootCert.Export("Cert") | Set-Content "C:\Certs\EnterpriseServicesRootCert.cer" -Encoding byte

$rootCert = (Get-SPCertificateAuthority).RootCertificate

$rootCert.Export("Cert") | Set-Content "C:\Certs\InternetRootCert.cer" -Encoding byte

$stsCert = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate

$stsCert.Export("Cert") | Set-Content "C:\Certs\InternetSTSCert.cer" -Encoding byte

$farmID = (Get-SPFarm).Id

New-Item C:\Certs\internetConsumerFarmID.txt -type file -force -value "$farmID“

Copy-Item \\$consumer\c$\Certs\InternetConsumerFarmID.txt \\$publisher\c$\Certs

Copy-Item \\$publisher\c$\Certs\EnterpriseServicesRootCert.cer \\$iconsumer\c$\Certs

Copy-Item \\$iconsumer\c$\Certs\InternetRootCert.cer \\$publisher\c$\Certs

Copy-Item \\$iconsumer\c$\Certs\InternetSTSCert.cer \\$publisher\c$\Certs

$trustCert = Get-PfxCertificate "C:\certs\InternetRootCert.cer"

New-SPTrustedRootAuthority Internet -Certificate $trustCert

$stsCert = Get-PfxCertificate "c:\certs\InternetSTSCert.cer"

New-SPTrustedServiceTokenIssuer Internet -Certificate $stsCert

$trustCert = Get-PfxCertificate "C:\Certs\EnterpriseServicesRootCert.cer"

New-SPTrustedRootAuthority EnterpriseServices -Certificate $trustCert

$farmID = Get-Content C:\Certs\InternetConsumerFarmID.txt

$security = Get-SPTopologyServiceApplication | Get-SPServiceApplicationSecurity

$claimProvider = (Get-SPClaimProvider System).ClaimProvider

$principal = New-SPClaimsPrincipal -ClaimType "http://schemas.microsoft.com/sharepoint/2009/08/claims/farmid" -ClaimProvider $claimProvider -ClaimValue $farmID

Grant-SPObjectSecurity -Identity $security -Principal $principal -Rights "Full Control"

Get-SPTopologyServiceApplication | Set-SPServiceApplicationSecurity -ObjectSecurity $security

http://technet.microsoft.com/en-us/magazine/hh528474.aspx