CRM2013部署完ADFS后通过url在浏览器中访问测试是否成功,成功进入登陆界面但在登陆界面输入用户名和密码后始终报身份验证失败,系统中的报错信息如下:Microsoft.IdentityServer.AuthenticationFailedException: MSIS3014。The encryption certificate of the relying party trust ‘https://internalcrm.xx.com.cn:446/‘ identified by thumbprint ‘BF19134359B872575F6F218181267B831EFE4A94‘ is not valid. It might indicate that the certificate has been revoked, has expired, or that the certificate chain is not trusted.
解决方法:执行下面这段指令把证书加密验证关掉
Set-ADFSRelyingPartyTrust -TargetName <relyingpartytrustName> -EncryptionCertificateRevocationCheck None
再次访问登陆就验证过去了。
参考链接:http://stackoverflow.com/questions/10209143/adfs-2-0-request-token-for-service-in-different-ad
The encryption certificate of the relying party trust identified by thumbprint is not valid
原文:http://blog.csdn.net/vic0228/article/details/36005319
