Closed cotepatrice closed 9 years ago
Odd. We can look into it when we get back home (I think we're both traveling this week -- at least I am).
Thanks guys ! If I find anything in the meantime, I'll let you know.
Did you got time to take a look at it ? I still have the problem and no solution in view.
Thanks !
Finally solved this ! It was a plain stupid bad thumbprint because it probably had been copied directly from the certificate window on the ADFS server.
Can some please let me know the resolution for this issue. We have the same issue currently with the ADFS
I know it's about a year later but still. If anyone come across this issue, know that copying the thumbprint directly from the certificate window may cause additional invisible characters to be added to the beginning of the thumbprint string. Use Notepad++ to view the file. Select "Encoding-> Encode in ANSI". You will see the hidden characters. Delete them and save.
@OferLevi85 you saved my day 👍 Thank you
You welcome @ccellar :) glad I could help :)
@OferLevi85 It solves my problem. Thank You.
@OferLevi85 Thanks man!
Hi !
I have a strange error in IdentityServer. We changed the STS to a new ADFS 3. The old one was ADFS 2. So, I changed the ADFS Integration configuration part to reflect the change. Then I tested it with my test client and got a 500 response.
So I checked the logs on the ADFS server and I saw that a token was succesfully issued to the user for the endpoint. Then I checked the trace logs (that I activated because it's a dev environment) and found the error in the systemIdentityModel.svclog file : ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry. To accept security tokens from this issuer, configure the IssuerNameRegistry to return a valid name for this issuer.
Here is the IdentityServer ADFS Integration page :
So you can see the issuer URI and the signin thumbnail. Here's the ADFS properties page now :
And the signin certificate :
And the RP on the ADFS (with proof that there is no encryption whatsoever)
The client code that calls the token endpoint :
And the error message in the systemIdentityModel.svclog file :