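I have an application that uses SAML authentication, and we have installed AD FS 3.0 on a 2012 R2 machine. I think the user does get authenticated, but there is a problem, because my application returns an error. Below are the response headers I get: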
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Length: 5851
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-HTTPAPI/2.0
P3P: CP="ADFS doesn't have P3P policy, please contact your site's admin for more details."
Set-Cookie: MSISAuthenticated=OC8xOC8yMDE1IDI6NTg6MzQgUE0=; path=/adfs; HttpOnly; Secure
Set-Cookie: MSISLoopDetectionCookie=MjAxNS0wOC0xODoxNDo1ODozNFpcMQ==; path=/adfs; HttpOnly; Secure
Date: Tue, 18 Aug 2015 14:58:34 GMT
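Now the problem is that, as far as I can tell, the user does get authenticated, but my application cannot continue. Googling, I found this link, but that KB is installed on the ADFS server. I believe this is failing because of the P3P error. Any suggestions?
Posted on 2019-11-25 13:04:50
I found this on a forum; I hope it is useful to some of you:
Run these commands (this is what ultimately worked):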
On TptDevADFS1 (server with ADFS 3 installed).
Used this command file on TptDevADFS1:
SETLOCAL
REM Folder that receives the exported .cer file
SET cert_folder=%HOMEPATH%\Documents\Certificates
IF NOT EXIST "%cert_folder%" md "%cert_folder%"
REM makecert.exe ships with the Windows 8.1 SDK
SET sdk_folder=C:\Program Files (x86)\Windows Kits\8.1\bin\x64
IF NOT EXIST "%sdk_folder%" ECHO SDK FOLDER %sdk_folder% NOT FOUND.
IF NOT EXIST "%sdk_folder%" EXIT
CD "%sdk_folder%"
REM The leading "echo" only prints the makecert command; remove it to execute the command.
echo makecert -r -pe -n "CN=*.TptDev.com" -ss my -sr LocalMachine -eku "1.3.6.1.5.5.7.3.1","1.3.6.1.4.1.311.10.3.12" -len 2048 -sky exchange -e "01/01/2021" "%cert_folder%\TptDev.com_%COMPUTERNAME%_wildcard_exchDocSign.cer"
ENDLOCAL
Resulted in this command and output:
C:\Program Files (x86)\Windows Kits\8.1\bin\x64>makecert -r -pe -n "CN=*.TptDev.com" -ss my -sr LocalMachine -eku "1.3.6.1.5.5.7.3.1","1.3.6.1.4.1.311.10.3.12" -len 2048 -sky exchange -e "01/01/2021" "\Users\Administrator.TPTDEV\Documents\Certificates\TptDev.com_TPTDEVADFS1_wildcard_exchDocSign.cer"
Succeeded
C:\Program Files (x86)\Windows Kits\8.1\bin\x64>
The above command imported the certificate into (Local Computer) Personal->Certificates (aka certificate store "My").
Then browsed to the certificate file and imported it (with exportable key) to (Local Computer) Trusted Root Certificate Authorities->Certificates.
Export the key in the Personal store as a PFX file with options: include private key, include all certs in chain, export all extended properties.
Copy the file to TptDevCRM1 (the server Dynamics CRM 2015 is installed on).
On TptDevCRM1 (server with Dynamics CRM 2015 installed)
Imported PFX certificate (file) into (Local Computer) Personal->Certificates.
Imported PFX certificate (file) into (Local Computer) Trusted Root Certificate Authorities->Certificates
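To confirm the result of the steps above on each server, the following check can be run in an elevated PowerShell session. It is an added example, not part of the original answer; the function name Test-CertDeployment is hypothetical, and the subject and EKU OIDs are taken from the makecert command above.

```powershell
# Added example (not from the original answer): verify the certificate
# deployment described above. Run elevated on TptDevADFS1 and on TptDevCRM1.
function Test-CertDeployment {
    param(
        # Subject passed to makecert -n on the page
        [string]$Subject = 'CN=*.TptDev.com',
        # EKU OIDs passed to makecert -eku on the page
        [string[]]$RequiredEku = @('1.3.6.1.5.5.7.3.1', '1.3.6.1.4.1.311.10.3.12')
    )
    $personal = @(Get-ChildItem Cert:\LocalMachine\My |
        Where-Object { $_.Subject -eq $Subject })
    if ($personal.Count -eq 0) {
        Write-Warning "No certificate with subject $Subject in LocalMachine\My"
        return
    }
    foreach ($cert in $personal) {
        # Read the EKU OIDs from the certificate's extension
        $ekuExt = $cert.Extensions | Where-Object {
            $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
        }
        $ekus = @($ekuExt.EnhancedKeyUsages | ForEach-Object { $_.Value })
        # The same certificate (by thumbprint) must also be in Trusted Root
        $inRoot = @(Get-ChildItem Cert:\LocalMachine\Root |
            Where-Object { $_.Thumbprint -eq $cert.Thumbprint })
        [pscustomobject]@{
            Computer              = $env:COMPUTERNAME
            Thumbprint            = $cert.Thumbprint
            NotAfter              = $cert.NotAfter
            Expired               = $cert.NotAfter -lt (Get-Date)
            HasPrivateKey         = $cert.HasPrivateKey
            MissingEku            = @($RequiredEku | Where-Object { $ekus -notcontains $_ })
            InTrustedRoot         = $inRoot.Count -gt 0
            RootCopyHasPrivateKey = [bool]($inRoot | Where-Object { $_.HasPrivateKey })
        }
    }
}

Test-CertDeployment | Format-List
```

The Thumbprint value should be identical on both servers, with HasPrivateKey and InTrustedRoot both True and MissingEku empty. Trust only requires the public certificate, so RootCopyHasPrivateKey being True shows the private key is stored in more places than the trust step needs.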
https://stackoverflow.com/questions/32081100