So I'm setting up single-signon authentication for the organization I work for.
Our IT guy has set up an ADFS server, which is where we're getting our logon credentials from. He's using an in-house security certificate that wasn't originally created for this task. Now upon setup, I was getting an error "The remote certificate is invalid according to the validation procedure". So I've added the certificate to my dev machine as trusted root, and that exception went away. Good.
Now upon logon, we're getting an 'IDX10201: None of the SecurityTokenHandlers could read the 'securityToken'' error, and then a list of 3rd party certificate handlers (w3.org, godaddy).
Now a lot of the solutions I've found online just say to set yourself up as a token handler, but that doesn't seem to be the ideal, nor the more secure solution.
So, I have a few questions. Will getting a 3rd party certificate resolve the token handler issue? The certificate we're using was issued to a specific server, not my dev machine, is that an issue as well? SSL is a brand new world to me, so explain it to me like I'm in 1st year.
EDIT:
So upon running openssl x509 -in <certificate file> -text, I'm getting an error:
11568:error:0906D06C:PEM routines:PEM_read_bio:no start line: crypto\pem\pem_lib.c:691:Expecting: TRUSTED CERTIFICATE
The IT guy told me yesterday that he's using a "wildcard certificate", but I can get more information if needed.
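As an added example (not from the asker, and not the commands the IT guy used): `openssl x509` reads PEM by default, and "no start line ... Expecting: TRUSTED CERTIFICATE" just means the file does not contain a `-----BEGIN ...-----` block, which is what you get when a certificate is exported from Windows as binary (DER) `.cer` or as a `.pfx`. The script below picks the right decoder for the file, lists the DNS names in its Subject Alternative Name extension, and checks whether a given hostname (for instance a dev box) is actually covered by a wildcard entry, using the one-label rule TLS clients apply. File names and hostnames in the usage section and test are assumptions.

```shell
#!/bin/sh
# Added example, not from the original question.
# Works out how a certificate file is encoded, dumps its SAN DNS names and
# checks whether a hostname is covered by them (wildcards match one label).

# cert_format FILE -> prints pem, der, pkcs12 or unknown
cert_format() {
    f="$1"
    if grep -q -- '-----BEGIN' "$f" 2>/dev/null; then
        echo pem
    elif openssl x509 -inform DER -noout -in "$f" >/dev/null 2>&1; then
        echo der                      # binary .cer as exported by Windows
    elif openssl pkcs12 -in "$f" -nokeys -passin pass: >/dev/null 2>&1; then
        echo pkcs12                   # unencrypted .pfx; a password-protected one needs -passin
    else
        echo unknown
    fi
}

# cert_to_pem FILE -> writes the (first) certificate as PEM to stdout
cert_to_pem() {
    case "$(cert_format "$1")" in
        pem)    openssl x509 -in "$1" -inform PEM ;;
        der)    openssl x509 -in "$1" -inform DER ;;
        pkcs12) openssl pkcs12 -in "$1" -nokeys -clcerts -passin pass: | openssl x509 ;;
        *)      echo "unrecognised certificate encoding: $1" >&2; return 1 ;;
    esac
}

# cert_sans FILE -> one subjectAltName DNS entry per line
cert_sans() {
    cert_to_pem "$1" | openssl x509 -noout -text \
        | sed -n '/X509v3 Subject Alternative Name/{n;p;}' \
        | tr ',' '\n' | sed -n 's/^ *DNS://p'
}

# name_matches PATTERN HOST -> 0 if HOST is covered by PATTERN.
# A leading "*." stands for exactly one DNS label; anything else must match exactly.
name_matches() {
    pattern=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    host=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    case "$pattern" in
        '*.'*)
            suffix=${pattern#\*}      # ".example.com"
            first=${host%%.*}         # leftmost label of the host
            rest=${host#*.}           # everything after the first dot
            [ "$host" != "$first" ] && [ -n "$first" ] && [ ".$rest" = "$suffix" ]
            ;;
        *)
            [ "$pattern" = "$host" ]
            ;;
    esac
}

# cert_covers FILE HOST -> 0 if any SAN DNS name in FILE covers HOST
cert_covers() {
    cert_sans "$1" | {
        while IFS= read -r san; do
            name_matches "$san" "$2" && exit 0
        done
        exit 1
    }
}

# Usage (assumed file and host names): sh certcheck.sh adfs.cer devbox.corp.example
if [ "$#" -eq 2 ]; then
    echo "encoding: $(cert_format "$1")"
    echo "SAN DNS names:"; cert_sans "$1" | sed 's/^/  /'
    if cert_covers "$1" "$2"; then echo "$2 is covered"; else echo "$2 is NOT covered"; fi
fi
```

Two things to read off the output: if the encoding comes back as `der` or `pkcs12`, that alone explains the openssl error; and if the SAN list holds only `*.corp.example`, a dev machine named `devbox.corp.example` is covered but `devbox.lab.corp.example` or a bare `localhost` is not, because the wildcard never spans more than one label.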