One of the WAP servers not working
Hi!
I have a two-node ADFS farm (ADFS01 and ADFS02 servers) and there is also a two-node WAP cluster (WAP01 and WAP02 servers), which is connected to the ADFS farm. There is a problem with WAP01; it seems the trusted relationship with the ADFS farm has been broken. There are some error messages in the Event Viewer under the ADFS log store (Applications and Services Logs/AD FS):
Event ID: 224
Value cannot be null.
Parameter name: proxyTrustCertificate
Event ID: 383
'.', hexadecimal value 0x00, is an invalid character. Line 10, position 1. (C:\Windows\ADFS\Config\microsoft.identityServer.proxyservice.exe.config line 10)
'.', hexadecimal value 0x00, is an invalid character. Line 10, position 1.
The microsoft.identityServer.proxyservice.exe.config file contains only this:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <configSections>
    <section name="microsoft.identityServer.proxyservice" type="Microsoft.IdentityServer.Management.Proxy.Configuration.ProxyConfiguration, Microsoft.IdentityServer.Management.Proxy, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
  </configSections>
  <microsoft.identityServer.proxyservice>
    <congestionControl latencyThresholdInMSec="8000" minCongestionWindowSize="64"
      enabled="true" connectionTimeoutInSec="120" />
I think there should be more content.
I cannot start the Web Application Proxy service:
Event ID in the WebApplicationProxy/Admin log store: 12016
The operation stopped due to an unknown general error. Error code 0x80075209.
Administrator
Get-WebApplicationProxyConfiguration
Event ID: 12025
The following information was included with the event:
(0x80072f0c)
There are some errors in the System log:
Event ID: 7023
The Web Application Proxy Service service terminated with the following error:
A certificate is required to complete client authentication
I tried to restore the microsoft.identityServer.proxyservice.exe.config file, but it didn't resolve the problem.
I researched possible solutions on the internet and found some information about "Re-Establish Proxy Trust":
What do you think about this solution? Will it be the solution for me? Is there any negative impact on the working WAP02 and ADFS farm?
Thanks.
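
Added example, not part of the original post: a read-only PowerShell check for the kind of damage Event ID 383 reports, counting 0x00 bytes in a config file and testing whether it still parses as XML. `Test-ProxyConfigFile` is a hypothetical helper name, and the sample file is constructed here to imitate a config that stops early and is padded with NUL bytes.

```powershell
# Added example. Test-ProxyConfigFile is a hypothetical helper, not a built-in cmdlet.
function Test-ProxyConfigFile {
    param([Parameter(Mandatory)][string]$Path)

    $full  = (Resolve-Path -LiteralPath $Path).ProviderPath
    $bytes = [System.IO.File]::ReadAllBytes($full)

    # Count NUL bytes and note the line of the first one. Assumes the file is
    # UTF-8 as its XML declaration states; in UTF-16 files 0x00 bytes are normal.
    $nulCount = 0; $line = 1; $firstNulLine = $null
    foreach ($b in $bytes) {
        if ($b -eq 0) {
            $nulCount++
            if ($null -eq $firstNulLine) { $firstNulLine = $line }
        } elseif ($b -eq 10) { $line++ }
    }

    # Independently ask the XML parser whether the file is well formed.
    $xmlError = $null
    try {
        $doc = New-Object System.Xml.XmlDocument
        $doc.Load($full)
    } catch {
        $xmlError = $_.Exception.GetBaseException().Message
    }

    [pscustomobject]@{
        Path          = $full
        SizeBytes     = $bytes.Length
        NulByteCount  = $nulCount
        FirstNulLine  = $firstNulLine
        WellFormedXml = ($null -eq $xmlError)
        XmlError      = $xmlError
    }
}

# Constructed sample: a config that ends after congestionControl, then 32 NUL bytes.
$sample = Join-Path ([System.IO.Path]::GetTempPath()) 'proxyservice-sample.config'
$text = @'
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <microsoft.identityServer.proxyservice>
    <congestionControl enabled="true" connectionTimeoutInSec="120" />

'@
$head = [System.Text.Encoding]::UTF8.GetBytes($text)
[System.IO.File]::WriteAllBytes($sample, [byte[]]($head + (New-Object byte[] 32)))
Test-ProxyConfigFile -Path $sample | Format-List
Remove-Item -LiteralPath $sample
```

The same function can be pointed at C:\Windows\ADFS\Config\microsoft.identityServer.proxyservice.exe.config on each WAP node to compare the damaged file with the working one; it only reads the file.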