Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, December 1, 2015 12:02 PM
recently i have migrated sharepoint database server from A to B, everything goes well, but the managed services are gone, so I try to resolve with below solutions, but all failed.
1).psconfig -cmd upgrade -inplace b2b
2).$h = Get-SPServiceHostconfig
$h.Provision()
$services = Get-SPServiceApplication
foreach ($service in $services) { $service.provision();write-host $service.name ;write-host $service.status}
there are lots of errors in ulsviewer as below:
1).Configuration: Local Login Provider is missing it's signing certificate.
2).An exception occurred when trying to issue security token: The requested service, 'http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc' could not be activated. See the server's diagnostic trace logs for more information..
Exception: System.ServiceModel.ServiceActivationException: The service '/SecurityTokenServiceApplication/securitytoken.svc' cannot be activated due to an exception during compilation. The exception message is: Exception has been thrown by the target of an invocation.. > System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. > System.ArgumentNullException: Value cannot be null.
Parameter name: certificate
at System.IdentityModel.Tokens.X509SecurityToken..ctor(X509Certificate2 certificate, String id, Boolean clone, Boolean disposable)
at System.IdentityModel.Tokens.X509SecurityToken..ctor(X509Certificate2 certificate)
at Microsoft.SharePoint.Administration.Claims.SPSecurityTokenServiceManager.ConfigureTokenHandlerCollection(SPSecurityTokenServiceManager manager, SecurityTokenHandlerCollectionManager collectionManager, String key, SecurityTokenHandlerCollection& tokenHandlerCollection)
at Microsoft.SharePoint.IdentityModel.SPSecurityTokenServiceConfiguration.ConfigureTokenHandlerCollectionForLocalIssuer(SPSecurityTokenServiceManager manager, SecurityTokenHandlerCollectionManager collectionManager, String key)
at Microsoft.SharePoint.IdentityModel.SPSecurityTokenServiceConfiguration..ctor()
All replies (2)
Tuesday, December 1, 2015 12:09 PM âś…Answered | 1 vote
You need to change the STS certificate, as indicates the error. You can use the commands from the article (after generating the certificate, of course):
$pfxPath = "<path to replacement certificate (.pfx file)>"
$pfxPass = "<certificate password>"
$stsCertificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $pfxPath, $pfxPass, 20
Set-SPSecurityTokenServiceConfig -ImportSigningCertificate $stsCertificate
certutil -addstore -enterprise -f -v root $stsCertificate
iisreset
net stop SPTimerV4
net start SPTimerV4
Wednesday, December 2, 2015 3:58 AM
Thank you, i have updated the certificate and then restart the services, everything goes well. super ~~~