1

Currently trying to copy a working farm that uses ADFS to authenticate users. My SharePoint farm authenticates users perfectly using NTLM. I followed the steps provided by Microsoft to set up an ADFS server and attempted to copy the settings from the working farm. When I set the authentication mode to the Trusted Identity Provider, a user who tries to reach SharePoint is routed to the ADFS server, where they receive the 403 error.

Enabled detail reporting. The specific error I am getting is: HTTP Error 403.7 - Forbidden The page you are attempting to access requires your browser to have a Secure Sockets Layer (SSL) client certificate that the Web server recognizes.

1 Answer

-1

Looks like an issue with the SSL certificate.

  • Please make sure you bind the SSL certificate to the web application in IIS. ADFS needs an SSL certificate as one of its requirements.
  • Also make sure you properly import the ADFS STS and root certificate while configuring on Devon farm.
  • It is not as simple as copying things; you need the relying party package, then configuration on the SharePoint side.
  • The SSL certificate is bound to the IIS ADFS web app. Is it ok if the cert is a wildcard certificate? Commented Apr 13, 2016 at 12:44
  • Is it a problem if we are using a wildcard cert for the ADFS service? The certificates were imported properly, but does it matter which certificate store is used? To clarify, we are trying to use this with a smartcard and the browser is not even prompting for authentication. Commented Apr 13, 2016 at 12:51
  • I think wildcard certs are not a problem, as long as they are properly configured. Can you click on the lock sign in the browser and try to install all certs? Commented Apr 13, 2016 at 14:58
  • The cert is already installed on my machine. Commented Apr 13, 2016 at 16:01
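
The certificate import and SharePoint-side configuration mentioned in the answer can be scripted as below. This is an added example, not code from the thread or from either farm; the file paths, display names, realm, sign-in URL and the choice of e-mail address as the identifier claim are all assumptions to replace with the values from the working farm. SharePoint keeps its own trust store, separate from the Windows certificate stores, so the ADFS signing chain has to be registered there.

```powershell
# Added example: run in the SharePoint Management Shell on a farm server.
# Every path, name, realm and URL below is a placeholder (assumption).
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$signingCertPath = 'C:\certs\adfs-token-signing.cer'    # exported ADFS token-signing certificate
$rootCertPath    = 'C:\certs\adfs-signing-root.cer'     # root CA that issued it
$realm           = 'urn:sharepoint:example'             # must match the relying party identifier in ADFS
$signInUrl       = 'https://adfs.example.com/adfs/ls/'  # ADFS passive sign-in endpoint
$issuerName      = 'ADFS Provider'

$signingCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($signingCertPath)
$rootCert    = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($rootCertPath)

# An expired signing certificate makes SharePoint reject every token, so stop early.
if ($signingCert.NotAfter -lt (Get-Date)) {
    throw "Token-signing certificate expired on $($signingCert.NotAfter)"
}

# Register the root and the signing certificate in SharePoint's trust store,
# skipping any certificate whose thumbprint is already trusted.
$chain = @(
    @{ Name = 'ADFS Signing Root';  Cert = $rootCert },
    @{ Name = 'ADFS Token Signing'; Cert = $signingCert }
)
foreach ($entry in $chain) {
    $known = Get-SPTrustedRootAuthority |
        Where-Object { $_.Certificate.Thumbprint -eq $entry.Cert.Thumbprint }
    if (-not $known) {
        New-SPTrustedRootAuthority -Name $entry.Name -Certificate $entry.Cert | Out-Null
    }
}

# Map the incoming claim that identifies the user (assumption: e-mail address).
$emailClaim = New-SPClaimTypeMapping `
    -IncomingClaimType 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress' `
    -IncomingClaimTypeDisplayName 'EmailAddress' -SameAsIncoming

# Create the trusted identity provider once; it appears in Central Administration afterwards.
if (-not (Get-SPTrustedIdentityTokenIssuer | Where-Object { $_.Name -eq $issuerName })) {
    New-SPTrustedIdentityTokenIssuer -Name $issuerName -Description 'ADFS trusted identity provider' `
        -Realm $realm -ImportTrustCertificate $signingCert -ClaimsMappings $emailClaim `
        -SignInUrl $signInUrl -IdentifierClaim $emailClaim.InputClaimType | Out-Null
}

# Show what the farm now trusts so it can be compared with the working farm.
Get-SPTrustedRootAuthority |
    Select-Object Name, @{ n = 'Thumbprint'; e = { $_.Certificate.Thumbprint } }
Get-SPTrustedIdentityTokenIssuer | Select-Object Name, DefaultProviderRealm, ProviderUri
```

Running the last two commands on both farms and comparing thumbprints, realm and provider URI shows quickly whether the copied settings actually match.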
