The encryption certificate of the relying party trust identified by thumbprint is not valid

CRM2013部署完ADFS后通过url在浏览器中訪问測试是否成功,成功进入登陆界面但在登陆界面输入username和password后始终报身份验证失败,系统中的报错信息例如以下:Microsoft.IdentityServer.AuthenticationFailedException: MSIS3014。The encryption certificate of the relying party
trust ‘https://internalcrm.xx.com.cn:446/‘ identified by thumbprint ‘BF19134359B872575F6F218181267B831EFE4A94‘ is not valid. It might indicate that the certificate has been revoked, has expired, or that the certificate chain is not trusted.

解决方法:运行以下这段指令把证书加密验证关掉

set-adfsrelyingpartytrust -targetname "your relying party trust name" -encryptioncertificaterevocationcheck none
set-adfsrelyingpartytrust -targetname "your relying party trust name" -signingcertificaterevocationcheck none

此处的"your replying party trust name"即是在AD FS管理器中新建的Replying Party Trust的displayname

再次訪问登陆就验证过去了。

參考链接:http://ms-crm-2011-beta.blogspot.com/2013/05/an-error-occurred-during-attempt-to.html



时间: 2024-08-03 10:30:34

The encryption certificate of the relying party trust identified by thumbprint is not valid的相关文章

https请求时出错:Could not establish trust relationship for the SSL/TLS secure channel

当我在用NET命名空间下获取URL的时候,提示如下错误: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. 使用传输安全模式,证书建立SSL,宿主端口证书配置完毕,但是客户调用服务出错. Could not establish trust relationship for the SSL/TLS secure channel wi

ADFS 2016 – Cannot add/update Relying Parties from the GUI from metadata files “Method not found”

UPDATE: The following update is fixing this issue: Cumulative Update for Windows 10 Version 1607 and Windows Server 2016: December 9, 2016 https://support.microsoft.com/en-us/kb/3201845 If you are currently using the October release of Windows Server

Cryptographic method and system

The present invention relates to the field of security of electronic data and/or communications. In one form, the invention relates to data security and/or privacy in a distributed and/or decentralised network environment. In another form, the invent

Java Secure Socket Extension (JSSE) Reference Guide

Skip to Content Oracle Technology Network Software Downloads Documentation Search Java Secure Socket Extension (JSSE) Reference Guide This guide covers the following topics: Skip Navigation Links Introduction Features and Benefits JSSE Standard API S

[Alljoyn] 2、物联网开源软件框架alljoyn研究(二)——初步了解

AllJoyn SDK Concepts[AllJoyn应用通过APIs在objects间暴露自己的功能,大多数应用只暴露一个object,有时会自动生成父object(当应用的object不是root时):object能继承一个或多个接口] Exposing FunctionalityAllJoyn applications expose their functionality via APIs implemented in objects– Most applications will ex

Configuring WS-Security UsernameToken and WS-SecureConversation (Symmetric Connection Creation)

Context This procedure provides a detailed process of all necessary steps to secure Web Services with SecureConversation and to set up the authentication of the users using user name and password. This example uses two AS ABAP systems and individual

Revit 2017 编程须要用Visual Studio2015 +.NET Framework 4.52

一年一度的Revit产品公布时刻,我们抢先想各位介绍下Revit 2017的变化和新功能 Major changes and renovations to the Revit API API changes .NET 4.6 All Revit API binaries are now built targeting .NET 4.5.2. However, Revit uses the runtime from .NET 4.6. At a minimum, add-ins will need

Office 365 ADFS策略设置工具

ADFS全称为Active Directory Federation Services,即活动目录联合服务,我们主要用来做账号登录认证. 为了方便对其策略进行配置,写了下面的脚本,必须在ADFS主服务器运行. #------------------------------------------------------------------------------ # # Copyright  2012 Microsoft Corporation.  All rights reserved.

Migrating an ASP.NET MVC application to ADFS authentication

I recently built an ASP.NET application at work to help track internal use of our products. It's been really well received, but only a few days after launch one of our managers came over and asked if we could move the site to Azure so that people did