The encryption certificate of the relying party trust identified by thumbprint is not valid

CRM2013部署完ADFS后通过url在浏览器中访问测试是否成功,成功进入登陆界面但在登陆界面输入用户名和密码后始终报身份验证失败,系统中的报错信息如下:Microsoft.IdentityServer.AuthenticationFailedException: MSIS3014。The encryption certificate of the relying party trust 'https://internalcrm.xx.com.cn:446/' identified by thumbprint 'BF19134359B872575F6F218181267B831EFE4A94' is not valid. It might indicate that the certificate has been revoked, has expired, or that the certificate chain is not trusted. 

The encryption certificate of the relying party trust identified by thumbprint is not valid_第1张图片

解决方法:执行下面这段指令把证书加密验证关掉

set-adfsrelyingpartytrust -targetname "your relying party trust name" -encryptioncertificaterevocationcheck none
set-adfsrelyingpartytrust -targetname "your relying party trust name" -signingcertificaterevocationcheck none

此处的"your replying party trust name"即是在AD FS管理器中新建的Replying Party Trust的displayname


The encryption certificate of the relying party trust identified by thumbprint is not valid_第2张图片

再次访问登陆就验证过去了。


参考链接:http://ms-crm-2011-beta.blogspot.com/2013/05/an-error-occurred-during-attempt-to.html



你可能感兴趣的:(crm,encryption,Dynamics,ADFS,MSIS3014)