question

AmanThakur-9217 asked · MarileeTurscak-MSFT commented

Azure AD B2C SAML Custom Policy Certificate Error

Hi Guys,

I am having a hard time accessing the Custom Policy that I have hosted on Azure B2C. I am able to generate the metadata for the policy successfully.

I am using SAML2 protocol.

But when my application tries to redirect to the custom user flow, it throws the certificate error below:

System.IdentityModel.Tokens.SecurityTokenValidationException: The X.509 certificate CN=ITMS.TechMDE.onmicrosoft.com is not in the trusted people store. The X.509 certificate CN=ITMS.TechMDE.onmicrosoft.com chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

Any suggestions or help would be appreciated.

Thanks

Regards

azure-active-directory azure-webapps azure-ad-b2c

1 Answer

amanpreetsingh-msft answered · MarileeTurscak-MSFT commented

Hello @AmanThakur-9217, are you following the instructions mentioned here: Register a SAML application in Azure AD B2C? Have you uploaded the certificate to Azure AD B2C > Identity Experience Framework > Policy keys, as mentioned under the "1.2 Upload the certificate" section?

Also, make sure that the technical profile for SAML in the custom policy files is updated with the correct key container name, where you have uploaded the certificate.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.




Hi @AmanThakur-9217,

Just checking in to see if Aman's response was helpful to you and if you were able to try his suggestions. If so, please remember to "mark as answer" so that others in the community with similar questions can more easily find a solution.
