Monday, December 7, 2015

[ADFS] Web Application Proxy fails with Error Code 0x8007520C


The WAP can no longer authenticate to ADFS after the main settings have been changed on either side.

We will see event ID 422 in Event Viewer on the WAP server:

Additional Data:

Trust Certificate Thumbprint:
090D9BB9B0471127EDE9CEA66C2AE79223E349FC

Status Code:
Unauthorized

Exception details:
System.Net.WebException: The remote server returned an error: (401) Unauthorized.
at System.Net.HttpWebRequest.GetResponse()

at Microsoft.IdentityServer.Management.Proxy.StsConfigurationProvider.GetStsProxyConfiguration

On the ADFS server, we see event ID 276:

The federation server proxy was not able to authenticate to the Federation Service.
User Action
Ensure that the proxy is trusted by the Federation Service. To do this, log on to the proxy computer with the host name that is identified in the certificate subject name and re-establish trust between the proxy and the Federation Service using the Install-WebApplicationProxy cmdlet.
Additional Data
Certificate details:
Subject Name:
<null>
Thumbprint:
<null>
NotBefore Time:
<null>
NotAfter Time:
<null>

We need to check the certificates in the local machine personal store: dir Cert:\LocalMachine\My

Using the thumbprint of the certificate that I want the WAP to use, I run the following command and am prompted for the service account credentials:
Install-WebApplicationProxy -CertificateThumbprint '36E56E2F7ECE610C330EE370125454BBE5735A74' -FederationServiceName 'adfs.techrede.net'
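As an added example (not from the original post), a PowerShell pre-flight check to run on the WAP server before re-establishing trust: it confirms that the certificate behind the thumbprint is present in the machine store with a private key, is inside its validity period and validates as a server certificate for the federation service name, and only then re-runs Install-WebApplicationProxy with the trust credential passed explicitly. The thumbprint and service name are the post's values; the function name and messages are my own.

```powershell
# Added example: pre-flight check on the WAP server before re-establishing trust.
# Thumbprint and federation service name are taken from the post; adjust for your environment.
$Thumbprint = '36E56E2F7ECE610C330EE370125454BBE5735A74'
$FsName     = 'adfs.techrede.net'

function Test-WapCertificate {
    param([string]$Thumbprint, [string]$FsName)

    # The certificate must exist in the local machine personal store (Cert:\LocalMachine\My)
    $cert = Get-ChildItem -Path Cert:\LocalMachine\My |
            Where-Object { $_.Thumbprint -eq $Thumbprint }
    if (-not $cert) {
        Write-Warning "No certificate with thumbprint $Thumbprint in Cert:\LocalMachine\My"
        return $false
    }
    # WAP terminates TLS, so the private key must be present on this machine
    if (-not $cert.HasPrivateKey) {
        Write-Warning "Certificate $Thumbprint has no private key"
        return $false
    }
    # Event 276 shows <null> NotBefore/NotAfter when trust cannot be read; make sure ours are current
    $now = Get-Date
    if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
        Write-Warning ("Certificate is outside its validity period: {0:u} - {1:u}" -f $cert.NotBefore, $cert.NotAfter)
        return $false
    }
    # Chain, server-auth EKU and name check against the federation service name
    if (-not (Test-Certificate -Cert $cert -Policy SSL -DNSName $FsName -ErrorAction SilentlyContinue)) {
        Write-Warning "Certificate does not validate as an SSL certificate for $FsName"
        return $false
    }
    Write-Host "Certificate OK: $($cert.Subject) (expires $($cert.NotAfter))"
    return $true
}

if (Test-WapCertificate -Thumbprint $Thumbprint -FsName $FsName) {
    # Prompt once for the service account credentials used to establish the proxy trust
    $cred = Get-Credential -Message "Credentials to re-establish proxy trust with $FsName"
    Install-WebApplicationProxy -CertificateThumbprint $Thumbprint `
                                -FederationServiceName $FsName `
                                -FederationServiceTrustCredential $cred
}
```

After the cmdlet completes, check that event ID 422 no longer appears on the WAP server and that event ID 276 has stopped on the ADFS server.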