I'm in the process of configuring OAuth from en on-premises Exchange 2016 CU19+ install to in order to have calendar integration within Microsoft Teams.
The HCW wizard has completed successfully, but no calender tab is visible within the Teams client (thick or web - same issue).
I've tested with
Test-OAuthConnectivity -Service EWS -TargetUri https://outlook.office365.com/ews/exchange.asmx -Mailbox firstname.lastname@example.org
And the error is
AADSTS700027: Client assertion contains an invalid signature. [Reason - The key was not found., Thumbprint of key used by client: xxxxxxxxx
I've tried verifying the certificate used for OAuth and it looks OK.
Running this command I've saved the certificate and compared it to the thumbprint from get-authConfig - they match and have not expired
Get-MsolServicePrincipalCredential -ServicePrincipalName "00000002-0000-0ff1-ce00-000000000000" -ReturnKeyValues $true
I'm kind of stumped as to how to solve this issue.