One problem was that the site's SharePoint name when running the New-AXClaimsAwareEnterprisePortalServer was the hostname.Domain but the site in AX was only the hostname. From here the browser was complaining that the certificate was not generated for this site.
So, in order to workaround this I ended up generating a certificate for a CA that I used after to generate the SSL and signing certificates used in the tutorial.
To do this, just open up Visual Studio Command Prompt and run first
makecert.exe -n "CN=Public EP Site CA,O=The Company, OU=EnterprisePortal,L=EP,S=BUC,C=RO" -pe -ss Root -sr LocalMachine -sky exchange -m 120 -a sha1 -len 2048 -r.
After running this you can run
makecert.exe -n "CN=replace_your_host_name" -pe -ss My -sr LocalMachine -sky exchange -m 120 -in "Public EP Site CA" -is Root -ir LocalMachine -a sha1 -eku 18.104.22.168.22.214.171.124.1
in order to generate the two SSL certificates you need (they will replace the two certificates you generated in the tutorial using the IIS).
Then finally you generate the STS signing certificate
makecert.exe -pe -a sha1 -n "CN=FormsSTSSigning" -ss My -sr LocalMachine -sky exchange -len 2048 -sp "Microsoft Enhanced RSA and AES Cryptographic Provider" -sy 24 c:\FormsSTSSigning.cer -in "Public EP Site CA" -is Root -ir LocalMachine
At this point you should be certificate error free for your EP site.