Client certificate authentication stops at ADFS

  • Question

  • Hello,
    I get an error on my ADFS 4.0 server when authenticating with client certificates. Even when I try to log in with a client certificate, the ADFS server throws me back to form-based login. Here is a phrase from the event log of the ADFS server:

    Microsoft.IdentityServer.AuthenticationFailedException: There is a problem with the X509Certificate provided by the client. The error code is: -2146762487

    I also checked the Certificate Revocation List for a Client certificate at the adfs-server and the Leaf certificate revocation check passed.

    The ADFS server has no Internet connection and the Certificate Authority is a Windows PKI in the same domain.
    Function Level is 2008 R2, Scheme is 2016 and a CNAME for certauth.adfs.domain already exists.
    What's wrong here? Any ideas?

    Thank You

    Wednesday, September 13, 2017 11:02 AM