Hello Readers,
We had to setup a new content source in our search and suddenly we got this error while going to the Content sources in Search Service Application.
I googled n didn't find much information so i went through the ULS logs and found these entries.
An operation failed because the following certificate has validation errors: Subject Name: CN=###############.com Issuer Name: CN=###############.com Thumbprint: 9238C86F4CF817870AFAB778E9E5E140D7ADE82F Errors: The root of the certificate chain is not a trusted root authority..
STS Call: Failed to issue new security token. Exception: System.IdentityModel.Tokens.SecurityTokenValidationException: ID4257: X.509 certificate
'CN=###############.com' validation failed by the token handler.
An exception occurred when trying to issue security token: ID3242: The security token could not be authenticated or authorized..
the actual issue was that one of the certificates were not added to 'SPTrustedRootAuthority'
Fixing this is simple
$cert = Get-PfxCertificate C:\###############.pfx
New-SPTrustedRootAuthority -Name "###############" -Certificate $cert
If you have a certificate that requires a password
Use IE and go to 'Central Admin'/_admin/ManageTrust.aspx and upload the certifcate.
That's how i got the issue fixed.
Hope it helps :)
Happy Coding
Guruparan Giritharan
