In order to replace the certificate on ADFS server sync with office 365 Azure Active Directory you need to obtain legal certificate then execute this command on the ADFS server :
On the primary AD FS server, use the following cmdlet to install the new SSL certificate
Set-AdfsSslCertificate -Thumbprint '<thumbprint of new cert>'
The certificate thumbprint can be found by executing this command:
dir Cert:\LocalMachine\My\More information can be found here :
Managing SSL Certificates in AD FS and WAP in Windows Server 2016 | Microsoft Learn
Good Luck