
ADFS 2.0 Error ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry

Tags: wif, adfs2.0

The error:

ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry. To accept security tokens from this issuer, configure the IssuerNameRegistry to return a valid name for this issuer.

The situation: I have 3 or 4 ASP.NET apps running on a single IIS server (my QA environment) that this morning began returning this error. I start out on an anonymous site, click a link to a secure section, get redirected to my federation services proxy, authenticate, and am redirected back to my secure page, but this error appears.

This link and a bunch of others indicate that the thumbprint in my web.config is wrong, but I can prove (via history in TFS) that the thumbprint in my web.config file has not changed.

I've tried re-running the fedutil, but still get the same message (though that comes up with a different thumbprint). Any ideas?

Peter T. LaComb Jr. asked Apr 29 '11 19:04


1 Answer

Hate to answer my own question, but it looks like I got bit by AutoCertificateRollover because it worked, and we then re-deployed, replacing the web.config and breaking the authentication.

This was actually a good thing, because our production cert expires in about 6 weeks, and production doesn't have auto rollover enabled - I would have had some serious issues in production and that's never good.

Peter T. LaComb Jr. answered Nov 03 '22 06:11
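
A pre-deployment check for the failure described in the answer above, as an added example that is not part of the original post: it compares the thumbprints under `trustedIssuers` in a web.config with the signing certificates published in the STS federation metadata, so a web.config that still carries a rolled-over certificate is caught before it is deployed. The function names, the trimmed sample XML and the placeholder certificate bytes are constructed for illustration, and the metadata is assumed to list signing keys in standard SAML `KeyDescriptor` elements.

```python
import base64, hashlib, re
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def thumbprint(der):
    """SHA-1 over the DER bytes, the value shown as a certificate's thumbprint."""
    return hashlib.sha1(der).hexdigest().upper()

def normalize(value):
    """Keep hex digits only: drops spaces and invisible characters from copy/paste."""
    return re.sub(r"[^0-9A-Fa-f]", "", value).upper()

def trusted_thumbprints(web_config_xml):
    """Thumbprints listed under issuerNameRegistry/trustedIssuers in web.config."""
    root = ET.fromstring(web_config_xml)
    adds = root.iterfind(".//issuerNameRegistry/trustedIssuers/add")
    return {normalize(a.get("thumbprint", "")) for a in adds}

def signing_thumbprints(metadata_xml):
    """Thumbprints of every signing certificate published in the metadata."""
    root = ET.fromstring(metadata_xml)
    keys = root.iterfind(".//md:KeyDescriptor[@use='signing']", NS)
    return {thumbprint(base64.b64decode("".join(c.text.split())))
            for k in keys for c in k.iterfind(".//ds:X509Certificate", NS)}

def check(web_config_xml, metadata_xml):
    """usable: trusted and published; stale: trusted only; untrusted: published only."""
    trusted = trusted_thumbprints(web_config_xml)
    published = signing_thumbprints(metadata_xml)
    return {"usable": trusted & published, "stale": trusted - published,
            "untrusted": published - trusted}

# Constructed sample data: placeholder bytes stand in for real DER certificates.
OLD_DER, NEW_DER = b"constructed-old-signing-cert", b"constructed-new-signing-cert"
SAMPLE_METADATA = (
    '<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" '
    'xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><IDPSSODescriptor>'
    '<KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>'
    + base64.b64encode(NEW_DER).decode() +
    '</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>'
    '</IDPSSODescriptor></EntityDescriptor>')
SAMPLE_WEB_CONFIG = (  # redeployed copy that still lists the pre-rollover thumbprint
    '<configuration><microsoft.identityModel><service><issuerNameRegistry>'
    '<trustedIssuers><add thumbprint="%s" name="constructed-sts" /></trustedIssuers>'
    '</issuerNameRegistry></service></microsoft.identityModel></configuration>'
    % " ".join(re.findall("..", hashlib.sha1(OLD_DER).hexdigest())))

if __name__ == "__main__":
    print(check(SAMPLE_WEB_CONFIG, SAMPLE_METADATA))
```

An empty `usable` set means every token from the STS will be rejected with ID4175; a non-empty `stale` set alongside it points at a web.config that predates the rollover.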