Small Gotcha when Adding ADFS as an Identity Provider in ACS v2

It turns out that ACS v2 currently supports two “types” of signing certificates for identity providers:

  • self signed certificates
  • certificates that chain up to a trusted root (from Microsoft’s perspective), e.g. VeriSign

In other words, when you use a signing certificate in ADFS that comes from your internal PKI, it won’t work.

I hope this will get fixed – err – changed soon.

This entry was posted in IdentityModel. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s