establish trust between the ADFS Proxy and the Federation Service [Answered]RSS

1 reply

Last post Nov 05, 2012 02:35 AM by mark - msft

  • establish trust between the ADFS Proxy and the Federation Service

    Oct 31, 2012 03:44 AM|hanzibar|LINK

    In the event veiwer I get the erro -  393 : the federation server proxy could not establish a trust with the federation service.

    I am trying to automatically bind "default web site" to port 443 and a specifice certificate using :
    1. netsh http add sslcert ipport=0.0.0.0:443 certhash={my cert hash} appid={ab3c58f7-8316-42e3-bc6e-771d4ce4b201}

    2.  and after that I add the binding to the IIS configuration :
    appcmd.exe set config -section:system.applicationHost/sites /+"[name='Default Web Site'].bindings.   [protocol='https',bindingInformation='*:443:']" /commit:apphost

    I have few questions :
    1. appid={ab3c58f7-8316-42e3-bc6e-771d4ce4b201}, is it the default appId of the site - default web site?
     (currently my machine that is going to be my adfs proxy server is "clean" with no app on it.
    2. when I bind manually between the "default web site" to the port 443 and the certificate and I have no problem to create the trust
    between the adfs proxy server and the federation service.
      


    IIS troubleshooting ADFS EventVwr general Configuration & Scripting

  • Re: establish trust between the ADFS Proxy and the Federation Service

    Nov 05, 2012 02:35 AM|Mark - MSFT|LINK

    Hi,

    hanzibar

    1. appid={ab3c58f7-8316-42e3-bc6e-771d4ce4b201}, is it the default appId of the site - default web site?
    No, it's not.

    hanzibar

    2. when I bind manually between the "default web site" to the port 443 and the certificate and I have no problem to create the trust
    between the adfs proxy server and the federation service.

    Please refer:

    http://technet.microsoft.com/en-us/library/adfs2-troubleshooting-federation-server-proxy-problems(v=WS.10).aspx

    Best Regards

    Please mark the replies as answers if they help or unmark if not.
    If you have any feedback about my replies, please contact msdnmg@microsoft.com
    Microsoft One Code Framework