Link to home
Start Free TrialLog in
Avatar of WeTi
WeTi

asked on

Sharepoint site list componet didn't work a error shows:

Dear expert, we have a sharepoint site problem:

=================================================================================================
Date and time : 2018-07-24 12:00:42
Err message : ID4257: X.509 certificate 'CN=ADFS Signing - url.com validation failed by the token handler.
System.IdentityModel.Tokens.SecurityTokenValidationException: The X.509 certificate CN=ADFS Signing - url.com is not in the trusted people store. The X.509 certificate CN=ADFS Signing - url.com chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

at System.IdentityModel.Selectors.X509CertificateValidator.PeerOrChainTrustValidator.Validate(X509Certificate2 certificate)
at System.IdentityModel.X509CertificateValidatorEx.Validate(X509Certificate2 certificate)
at System.IdentityModel.Tokens.SamlSecurityTokenHandler.ValidateToken(SecurityToken token)
Program : ADFS-LoginTest
Version : 1.0.0.0

Anyone know what is means and how to fix this?
Avatar of Walter Curtis
Walter Curtis
Flag of United States of America image
The certificate you are using may not have been imported with the full chain. If so, that is probably because it was not exported with the full chain. You can view the chain under the certificate information window.

Good luck...
Avatar of WeTi
WeTi

ASKER

Under Sharepoint Central management there are security settings for Trust relationships and the list site there are missing Root Authority Certificate, does SP need a Root Authority Cert or not?
Avatar of Walter Curtis
Walter Curtis
Flag of United States of America image
The trust relationships are only if you are connecting to other SharePoint farms or other external services. That is usually handled by SharePoint during installation and you do not need to configure that in almost all cases.

The error message suggests that an external authentication provider may come in to the picture here. That set up might be a good place to start looking.

...
Avatar of WeTi
WeTi

ASKER

How do I look then? This is a ADFS site that we are using a hybrid Microsoft Azure Cloud solution.
Avatar of Walter Curtis
Walter Curtis
Flag of United States of America image
I have limited experience with Azure at the moment. There are others here though that will probably be able to help you out.

Good luck...
Avatar of WeTi
WeTi

ASKER

There was no solution to this one, so what we did was change the solution to something else. I will close this question now, thanks for the effort.
ASKER CERTIFIED SOLUTION
Avatar of WeTi
WeTi
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial