Adding an RP to ADFS 2


Solution 1

I found the problem. The corporate network policies were restricting traffic between a computer in the domain and my non-domain VM.

Solution 2

First port of call is the Windows event log. You'll see an entry for ADFS. Are there any errors?

(The ADFS errors that display as above aren't very helpful!)

If you load IE from the VM that hosts ADFS, can you navigate to the relying party metadata i.e. display it in the browser?

Have you tried saving the metadata as a file and then using the "Import data as a file" option?

When you navigate to the site you want to add as a relying party using https, do you get certificate errors or do you get the green IE bar? ADFS doesn't like certificate errors.
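The checks in this answer, as an added PowerShell script that is not part of the original answer: it fetches the relying party's federation metadata over TLS the way the wizard does, which separates a blocked connection (the cause reported in Solution 1) from a certificate-trust failure, then builds the site certificate's chain against the local store, checks the name on it, and lists recent AD FS admin-log errors. The host name is a placeholder, port 61443 is the question's HTTPS binding, the metadata path is the standard WS-Federation one, and the log name "AD FS 2.0/Admin" is an assumption.

```powershell
# Added troubleshooting script (not from the original answer). Assumes ADFS 2.0 on
# Windows 2008 R2 with PowerShell 2.0+, the dev site publishing WS-Federation metadata
# on its HTTPS binding (port 61443 as in the question; host name is a placeholder),
# and an ADFS 2.0 admin log named "AD FS 2.0/Admin" (assumption). Run on the ADFS box.
param(
    [string]$MetadataUrl = "https://devsite.example.local:61443/FederationMetadata/2007-06/FederationMetadata.xml",
    [string]$OutFile = "$env:TEMP\rp-metadata.xml"
)

# 1. Fetch the metadata exactly as the wizard does: plain TLS, no trust overrides.
#    "Unable to connect" points at the network (firewall/policy); "Could not establish
#    trust relationship" means the chain does not validate on THIS machine.
$client = New-Object System.Net.WebClient
try {
    $client.DownloadFile($MetadataUrl, $OutFile)
    Write-Host "Metadata saved to $OutFile; try 'Import data from a file' in the wizard."
} catch {
    Write-Warning "Download failed: $($_.Exception.Message)"
    if ($_.Exception.InnerException) { Write-Warning $_.Exception.InnerException.Message }
}

# 2. Grab the server certificate (accepted only for inspection) and build its chain
#    against the local machine store, printing the exact chain status.
$uri = [Uri]$MetadataUrl
try {
    $acceptAll = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
    $tcp = New-Object System.Net.Sockets.TcpClient($uri.Host, $uri.Port)
    $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $acceptAll)
    $ssl.AuthenticateAsClient($uri.Host)
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
    $tcp.Close()
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode = "NoCheck"   # self-signed certs publish no CRL
    Write-Host "Subject: $($cert.Subject)  Thumbprint: $($cert.Thumbprint)"
    Write-Host "Chain valid on this machine: $($chain.Build($cert))"
    foreach ($s in $chain.ChainStatus) { Write-Host "  status: $($s.Status) - $($s.StatusInformation.Trim())" }
    # A trusted chain is not enough: the CN must match the URL host (SAN entries ignored here).
    $cn = $cert.GetNameInfo("SimpleName", $false)
    if ($cn -ne $uri.Host) { Write-Warning "Certificate name '$cn' does not match host '$($uri.Host)'" }
} catch {
    Write-Warning "Could not complete a TLS handshake with $($uri.Host):$($uri.Port): $($_.Exception.Message)"
}

# 3. Recent ADFS admin-log errors (Level 1 = critical, 2 = error) name the failing endpoint.
Get-WinEvent -LogName "AD FS 2.0/Admin" -MaxEvents 20 -ErrorAction SilentlyContinue |
    Where-Object { $_.Level -le 2 } |
    Format-List TimeCreated, Id, Message
```

If step 1 reports a chain error while step 2 says the chain is valid, the metadata URL is being fetched under a different account or proxy setting than the one you tested with; check the proxy setting the error message mentions.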


Updated on September 18, 2022

Comments

  • abjbhat, almost 2 years ago

    I'm trying to add a Trusted Relying Party using the ADFS 2 wizard. My dev site (IIS hosted) has an HTTP binding at port 61080 while the HTTPS binding is on port 61443. I've got a self-signed .PFX certificate for SSL.

    The ADFS 2.0 server is a Win2K8 R2 server hosted in a VM. This server is also a (dummy, for testing only) Domain Controller. The ADFS site is using a self-signed certificate as well.

    I've added the ADFS 2 site as an STS to my dev site using FedUtil. Now here's the problem, when I try to add the dev site as a trusted relying party on the ADFS server, I get this error message...

    An error occurred during an attempt to read the federation metadata. Verify that the specified URL or host name is a valid federation metadata endpoint.

    Verify your proxy server setting. For more information about how to verify your proxy server setting, see the AD FS 2.0 Troubleshooting Guide (http://go.microsoft.com/fwlink/?LinkId=182180). Error message: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

    In an attempt to resolve this problem, I've exported both the self-signed certificates and added them to the "personal" and "trusted root certification authorities" stores on both machines, but still no luck. The link mentioned in the error message offers some generic advice which hasn't been of any help.

    Does anyone have any ideas?

    -Thanks!