Small Gotcha when Adding ADFS as an Identity Provider in ACS v2

It turns out that ACS v2 currently supports two “types” of signing certificates for identity providers:

  • self signed certificates
  • certificates that chain up to a trusted root (from Microsoft’s perspective), e.g. VeriSign

In other words, when you use a signing certificate in ADFS that comes from your internal PKI, it won’t work.

I hope this will get fixed – err – changed soon.

This entry was posted in IdentityModel. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s