使用通配符证书设置ADFS SSL证书时出错
使用通配符证书设置ADFS SSL证书时出错
提问于 2021-06-05 12:43:02
我正在尝试将ADSF配置为使用通配符SSL证书
我可以看到证书的指纹:
C:\temp\SAML> dir cert:\Localmachine\My\
PSParentPath: Microsoft.PowerShell.Security\Certificate::Localmachine\My
Thumbprint Subject
---------- -------
950CB19E429B5A409FD9650B08E873B23FE1082D CN=*.mydomain.com但当我尝试将其作为SSL证书安装时,我看到以下错误:
C:\temp\SAML> Set-AdfsSslCertificate -Thumbprint 950CB19E429B5A409FD9650B08E873B23FE1082D
Set-AdfsSslCertificate : PS0317: One or more of AD FS servers returned errors during execution of command
'Set-AdfsSslCertificate'. Error information: PS0316: AD FS Server: 'localhost', Error: 'The SSL certificate specified by
thumbprint 950CB19E429B5A409FD9650B08E873B23FE1082D does not have a subject name that matches the specified Federation
Service name: EC2AMAZ-0FBOMSR.adfs.mydomain.com'.
At line:1 char:1
+ Set-AdfsSslCertificate -Thumbprint 950CB19E429B5A409FD9650B08E873B23F ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Set-AdfsSslCertificate], RemoteException
+ FullyQualifiedErrorId :
RuntimeException,Microsoft.IdentityServer.Management.Commands.SetSslCertificateCommand错误是关于错误的主题名称。那不应该是"CN=“吗?使用通配符有问题吗?
回答 1
Stack Overflow用户
发布于 2021-06-09 18:05:37
不,你不能为host.subdomain.contoso.com使用*.contoso.com。*是一个级别(host.contoso.com),而不是您正在尝试的两个级别。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/67846340
复制相关文章
相似问题
腾讯云开发者
