Issue adding relying party - An error occurred during an attempt to read the federation metadata RRS feed

  • Question

  • Hi,

    I followed this guide to set up an ADFS 2.0 lab environment. The only difference that I have is that I did not set up the ADFS server and the WIF application to be on the same box but rather on 2 different ones.

    My server configuration is as follows:

    • Server 1 - win 2008 R2 - Domain Controller, DNS
    • Server 2 - win 2008 R2 - CA, ADFS
    • PC 3 - win 7 - Development environment

    I successfully created my ADFS configuration STS and could add that as a STS reference in the .Net application in Visual Studio 2008 on my dev environment. I then needed to configure the WIF application to be a valid Trusted Relying Party and followed these steps:

    1. Created an SSL certificate request
    2. Submitted an SSL request and issued it via the CA
    3. Installed it on the Development environment
    4. Ran the ADFS 2.0 'Add Relying Party Trust Wizard'
    5. Got stuck with trying to find the Federation metadata address of the dev environment

    No matter what URL I put in https://win7dev.mydomain.com/ClaimsAwareWebAppWithManagedSTS (is what it is on my dev environment IIS), I just cannot seem to get this going.

     

    I can run my app now from the ADFS box by connecting to https://win7dev.mydomain.com/ClaimsAwareWebAppWithManagedSTS but that URL would just not work when adding as a trusted relying party :(

     

    Could a certificate mismatch error be the problem?

    Thanks

    Mike

     

    Sunday, February 20, 2011 2:59 PM

All replies

  • That sounds like the most likely cause from what you described.  I'm only partially familiar with ADFS, but I'm learning, so the more advice I can provide.  But anyway, yes, you should ensure that both servers are in trust of the same cert, or you could run into issues. 
    • Proposed as answer by MJLongman Friday, June 8, 2012 3:10 PM
    Thursday, January 12, 2012 6:43 AM
  • Hello,

    For AD FS questions the better forum is http://social.msdn.microsoft.com/Forums/en-US/geneva/threads/

    Best regards
    Meinolf Weber
    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.
    Thursday, January 12, 2012 7:28 AM
  • Too late but I think this is still a problem in ADFS 4.

    While creating the AWS relying party trust and putting in the URL for the AWS metadata, if you get the following error: "An error occurred to read the federation data. Verify the proxy settings...." Then:

    Do it with a command line:
    Add-AdfsRelyingPartyTrust -Name "My App URL" -MetadataUrl "metadataURL"

    Example: for AWS SSO use:

    Add-AdfsRelyingPartyTrust -Name "AWS SSO" -MetadataUrl "https://signin.aws.amazon.com/static/saml-metadata.xml"

    https://docs.microsoft.com/en-us/archive/blogs/pie/adfs-2016-cannot-addupdate-relying-party-from-the-gui-from-metadata-files


    • Edited by Tarvinder91 Tuesday, March 3, 2020 6:40 AM
    Tuesday, March 3, 2020 6:38 AM
  • This could be a GUI problem. I have solved this by setting up trust with AWS SAML using PowerShell:

    Add-AdfsRelyingPartyTrust -Name "my app" -MetadataUrl "<Metadata-URL>"
    Update-AdfsRelyingPartyTrust -TargetName "my app"

    https://docs.microsoft.com/en-us/archive/blogs/pie/adfs-2016-cannot-addupdate-relying-party-from-the-gui-from-metadata-files    

    • Edited by Tarvinder91 Wednesday, March 4, 2020 7:14 AM
    Wednesday, March 4, 2020 7:14 AM
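
One way to test the certificate question from the thread before creating the trust, as an added example that is not part of any post above: it fetches the metadata URL from the AD FS server and separates a certificate validation failure from a TLS, DNS or HTTP failure and from a URL that does not return federation metadata. The function name `Test-RpMetadataUrl` is hypothetical, and the `FederationMetadata/2007-06/FederationMetadata.xml` path is an assumption (the FedUtil default) appended to the application URL from the question.

```powershell
# Added example (not from the thread). Run on the AD FS server.
# Assumption: the WIF app publishes metadata at the FedUtil default path below.
$MetadataUrl = 'https://win7dev.mydomain.com/ClaimsAwareWebAppWithManagedSTS' +
               '/FederationMetadata/2007-06/FederationMetadata.xml'

function Test-RpMetadataUrl {   # hypothetical helper name
    param([Parameter(Mandatory = $true)][string]$Url)
    $result = New-Object PSObject -Property @{
        Url = $Url; Status = 'Unknown'; EntityId = $null; Detail = $null
    }
    try {
        $request = [System.Net.WebRequest]::Create($Url)
        $request.Timeout = 15000            # milliseconds
        $response = $request.GetResponse()  # throws WebException on TLS/HTTP errors
        try {
            $reader = New-Object System.IO.StreamReader($response.GetResponseStream())
            $xml = [xml]$reader.ReadToEnd()
        } finally { $response.Close() }
        $root = $xml.DocumentElement
        if ($root.LocalName -eq 'EntityDescriptor') {
            $result.Status   = 'Ok'
            $result.EntityId = $root.GetAttribute('entityID')
        } else {
            # e.g. the application's own page was returned instead of metadata
            $result.Status = 'NotFederationMetadata'
            $result.Detail = "Root element is <$($root.LocalName)>"
        }
    } catch {
        # PowerShell wraps .NET exceptions; walk down to the WebException if there is one
        $ex = $_.Exception
        while ($ex -and ($ex -isnot [System.Net.WebException])) { $ex = $ex.InnerException }
        if ($ex) { $result.Status = [string]$ex.Status; $result.Detail = $ex.Message }
        else     { $result.Status = 'OtherError';       $result.Detail = $_.Exception.Message }
    }
    $result
}

$check = Test-RpMetadataUrl -Url $MetadataUrl
switch ($check.Status) {
    'Ok'                   { "Metadata readable, entityID = $($check.EntityId). Confirm it is the expected application, then run Add-AdfsRelyingPartyTrust with this -MetadataUrl." }
    'TrustFailure'         { Write-Warning 'Server certificate could not be validated: check that this server trusts the issuing CA and that the certificate name matches the host in the URL.' }
    'SecureChannelFailure' { Write-Warning 'TLS handshake failed (protocol or cipher negotiation); compare the TLS settings of both hosts.' }
    default                { Write-Warning "Metadata not usable: $($check.Status) $($check.Detail)" }
}
```

Run it on the AD FS server, since that is the machine that has to trust the relying party's SSL certificate when it reads the metadata.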