Waleedo on Fri, 03 Aug 2018 18:19:05
I had error 500. The Tenant site works fine,
but for the admin site I ran the commands below and it didn't work. Can someone help?
Import-Module -Name MgmtSvcConfig
$ConnectionString = 'Data Source=SQL01\WAP;Initial Catalog=Microsoft.MgmtSvc.Config;User ID=sa;Password=your pass'
Set-MgmtSvcRelyingPartySettings -Target Admin -MetadataEndpoint 'https://adfs.doman.com/FederationMetadata/2007-06/FederationMetadata.xml' -ConnectionString $ConnectionString #-DisableCertificateValidation
Set-MgmtSvcIdentityProviderSettings -Target Windows -MetadataEndpoint 'https://tenant.domane.com/FederationMetadata/2007-06/FederationMetadata.xml' -ConnectionString $ConnectionString #-DisableCertificateValidation
#When using self-signed certificates uncomment the "-DisableCertificateValidation".
Event viewer logs from admin site:
Error:Error in controller: Home action: Index
System.AggregateException: One or more errors occurred. ---> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
I would appreciate it if someone who faced the same issue and resolved it could help. Waiting for your feedback.
Cristian Negulescu on Fri, 10 Aug 2018 15:30:40
Can you please share what the CAPI2 logs show?
If CAPI2 is not enabled, please follow https://blogs.msdn.microsoft.com/benjaminperkins/2013/09/30/enable-capi2-event-logging-to-troubleshoot-pki-and-ssl-certificate-issues/ and then share the error we get there.
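Added example, not part of any post in this thread: a PowerShell probe that retrieves the certificate presented by a federation metadata endpoint and reports why validation fails (name mismatch, untrusted root, expiry, revocation), as an alternative to disabling certificate validation. The default URL is a placeholder; the script assumes it is run on the server hosting the admin site and that the endpoint accepts TLS 1.2.

```powershell
# Added diagnostic example, not code from the thread.
# $MetadataEndpoint is a placeholder: pass the URL you give to -MetadataEndpoint.
param(
    [string]$MetadataEndpoint = 'https://adfs.example.test/FederationMetadata/2007-06/FederationMetadata.xml'
)

$uri = [Uri]$MetadataEndpoint
$tcp = New-Object System.Net.Sockets.TcpClient
$ssl = $null
try {
    $tcp.Connect($uri.Host, $uri.Port)
    # Probe only: record the policy errors and accept the certificate so it can be
    # inspected. No request is sent over this connection.
    $callback = [System.Net.Security.RemoteCertificateValidationCallback]{
        param($s, $c, $ch, $policyErrors)
        $script:PolicyErrors = $policyErrors
        $true
    }
    $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $callback)
    $ssl.AuthenticateAsClient($uri.Host, $null, [System.Security.Authentication.SslProtocols]::Tls12, $false)
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
}
finally {
    if ($ssl) { $ssl.Dispose() }
    $tcp.Close()
}

# Rebuild the chain against this machine's trust stores, with revocation checking.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::Online
$chainValid = $chain.Build($cert)

[pscustomobject]@{
    Host         = $uri.Host
    Subject      = $cert.Subject
    Issuer       = $cert.Issuer
    NotBefore    = $cert.NotBefore
    NotAfter     = $cert.NotAfter
    Thumbprint   = $cert.Thumbprint
    PolicyErrors = $script:PolicyErrors   # e.g. RemoteCertificateNameMismatch
    ChainValid   = $chainValid
} | Format-List

# One row per problem found while building the chain (empty when the chain is trusted).
$chain.ChainStatus | Format-Table Status, StatusInformation -AutoSize
```

The chain is evaluated with the trust stores visible to the account running the script, so results can differ from those of the admin site's application pool identity if a root was imported only into a user store.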
mouradl on Fri, 10 Aug 2018 17:09:59
Make sure you go through this KB when you renew Token certificate for auth sites:
Let us know if the problem still happens after that.