After update SSL Certificate in SharePoint ,WAP, ADFS getting error 500

siva subramanian 21 Reputation points
2021-11-26T04:06:24.933+00:00

HI,

We have a SharePoint 2019 on premise with Kerberos Authentication using ADFS Non-Claims Aware Relying party trust behind WAP. We have update the SSL certificate in all the SharePoint server farm, ADFS and WAP. Now ADFS Non-Claims Aware Relying party trust is look like broken, Am able to login in ADFS login page but it not redirect to the SharePoint home page am getting error “SharePoint can't currently handle this request. HTTP ERROR 500” and in browser showing “your connection to this site isn't secure- This site does not have a certificate”
Please suggest how to rectify the issue and how to renew the SSL Certificate in ADFS, WAP and SharePoint farm.

Thanks,

SharePoint Server
SharePoint Server
A family of Microsoft on-premises document management and storage systems.
2,147 questions
SharePoint Server Management
SharePoint Server Management
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Management: The act or process of organizing, handling, directing or controlling something.
2,761 questions
0 comments No comments
{count} votes

4 answers

Sort by: Most helpful
  1. Allen Xu_MSFT 13,756 Reputation points
    2021-11-26T06:32:21.293+00:00

    Hi @siva subramanian ,

    To troubleshoot 500 Internal Server Error and Mixed Content Issues, please refer to the following links:

    To renew SSL certs for SharePoint web applications:

    • Add cert to computer Store on SharePoint server( all web front end).
    • Add into the IIS store.
    • Now update(Edit) the IIS Binding of each Web applications( on all wfe), and select the new certificate there.
    • In some cases you have to add the certificate in the SharePoint Central admin > Security > manage trust.

    To renew the SSL certificate in AD FS, WAP, take a reference to below articles:

    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.

    ----------

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  2. Mike DeShane 21 Reputation points
    2021-12-02T17:30:38.407+00:00

    Did you happen to find the resolution to this issue? We are experiencing the same issue, our users reported today but said this could have started last week, looks to be about the same time it happened to you.

    0 comments No comments

  3. Mike DeShane 21 Reputation points
    2021-12-02T19:28:58.817+00:00

    Just to did some digging and saw the November 9 update for windows server KB5007206, seems to have broke Kerberos authentication. There appears to be an out of band update, not sure if anyone has seen this one or if they applied the out of band and did it solve the issue?

    https://support.microsoft.com/en-us/topic/november-9-2021-kb5007206-os-build-17763-2300-c63b76fa-a9b4-4685-b17c-7d866bb50e48

    0 comments No comments

  4. Mike DeShane 21 Reputation points
    2021-12-22T21:37:21.893+00:00

    Just to provide an update to this issue. The December Cumulative updates for Windows Server applied to the Domain Controllers in our infrastructure seems to have resolved this issue.

    0 comments No comments