Windows 2016 ADFS 4.0 configuration Web Application Proxy error

  • Question

  • Hello, I'm trying to configure the Web Application Proxy for our ADFS.

    Both machines (ADFS and WAP) are Windows 2016 with the 2018-03 cumulative update installed.

    I have installed the SSL certificate on both servers.

    When I try to configure the proxy I get a timeout error. Checking the Event Viewer, I found two errors (Event ID: 394 and Event ID: 224 [Retrieval of proxy configuration data from the Federation Server using trust certificate with thumbprint '2X...XD' failed with status code 'InternalServerError'. ]) about the certificate and an error in the System log, Event ID 7023 (Unable to start Web Application Proxy Service: Content decoding has failed).

    On the internal ADFS server there are no errors; Information Event ID "395" is logged, and I see the certificate in the AdfsCertificateStore inside the Certificates MMC plugin.


    LSo Lorenzo Soncini Trento TN - Italy

    Tuesday, April 10, 2018 7:47 AM

Answers

  • Do you have any load balancer doing SSL inspection in between? Config retrieval uses certificate-based auth; you can't break the channel between the WAP and the ADFS. Is that the case here?

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, April 10, 2018 4:56 PM
  • Thanks for the answer. The solution was to delete the virtual server and rebuild it from zero.

    LSo Lorenzo Soncini Trento TN - Italy

    Tuesday, April 10, 2018 5:44 PM
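
The SSL-inspection question raised in the answer can be checked from the WAP by comparing the certificate actually presented on the federation service's port with the one installed on the ADFS server. This is an added example, not code from the thread; the function name `Test-FederationTlsPath`, its parameters and the host name in the usage comment are assumptions.

```powershell
# Added example, not from the thread. Run on the WAP server (PowerShell 5.1).
# Expected thumbprint: read it on the ADFS server, e.g. with Get-AdfsSslCertificate.
function Test-FederationTlsPath {
    param(
        [Parameter(Mandatory)] [string] $FederationHost,      # federation service name (assumed parameter)
        [Parameter(Mandatory)] [string] $ExpectedThumbprint,  # SSL certificate thumbprint from the ADFS server
        [int] $Port = 443
    )
    # Stop on a connection or handshake failure instead of returning a half-filled result.
    $ErrorActionPreference = 'Stop'

    # Thumbprints copied from the Certificates MMC often carry spaces or an
    # invisible leading character, so keep hex digits only before comparing.
    $expected = ($ExpectedThumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()

    $tcp = [System.Net.Sockets.TcpClient]::new()
    try {
        $tcp.Connect($FederationHost, $Port)
        # Accept any chain: the goal is to see what is presented, not to trust it.
        $acceptAny = [System.Net.Security.RemoteCertificateValidationCallback] { $true }
        $ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false, $acceptAny)
        try {
            $ssl.AuthenticateAsClient($FederationHost, $null,
                [System.Security.Authentication.SslProtocols]::Tls12, $false)
            $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
        } finally { $ssl.Dispose() }
    } finally { $tcp.Dispose() }

    [pscustomobject]@{
        Host      = $FederationHost
        Subject   = $cert.Subject
        Issuer    = $cert.Issuer      # an inspection device usually shows its own CA here
        Presented = $cert.Thumbprint
        Expected  = $expected
        Match     = ($cert.Thumbprint -eq $expected)
    }
}

# Usage (constructed placeholder values):
# Test-FederationTlsPath -FederationHost 'adfs.example.test' -ExpectedThumbprint '<thumbprint from the ADFS server>'
```

A mismatch, or an issuer belonging to an inspection device's CA, means something between the two servers is re-terminating TLS. A match does not rule out a device that terminates TLS with a copy of the same certificate and key.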
