Azure AD B2C SAML Custom Policy Certificate Error

Aman Thakur 1 Reputation point

Hi Guys,

I am having a hard time accessing the Custom Policy that I have hosted on Azure B2C. I am able to generate the metadata for the policy successfully.

I am using the SAML2 protocol.

But when my application tries to redirect towards the custom user flow, it throws the certificate error below:

System.IdentityModel.Tokens.SecurityTokenValidationException: The X.509 certificate is not in the trusted people store. The X.509 certificate chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

Any suggestions or help would be appreciated.




1 answer

  1. AmanpreetSingh-MSFT 55,526 Reputation points

    Hello @Aman Thakur, are you following the instructions mentioned here: Register a SAML application in Azure AD B2C? Have you uploaded the certificate to Azure AD B2C > Identity Experience Framework > Policy keys, as mentioned under the 1.2 Upload the certificate section?

    Also, make sure that the technical profile for SAML in the custom policy files is updated with the correct key container name, where you have uploaded the certificate.


    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
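One way to check the point raised in the answer, as an added example that is not part of the original thread: read the signing certificate out of the policy's SAML metadata and compare its thumbprint with the certificate that was uploaded to the policy keys. The function names and the sample metadata (built from constructed placeholder bytes, not real certificates) are assumptions for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed placeholder bytes standing in for DER certificates (not real certs).
SIGNING_DER = b"constructed-signing-cert-der"
ENCRYPTION_DER = b"constructed-encryption-cert-der"

def _key(use, der):
    b64 = base64.b64encode(der).decode()
    return (f'<md:KeyDescriptor use="{use}"><ds:KeyInfo><ds:X509Data>'
            f'<ds:X509Certificate>{b64}</ds:X509Certificate>'
            f'</ds:X509Data></ds:KeyInfo></md:KeyDescriptor>')

# Constructed metadata document in the shape a SAML identity provider publishes.
SAMPLE_METADATA = (
    f'<md:EntityDescriptor xmlns:md="{NS["md"]}" xmlns:ds="{NS["ds"]}" '
    'entityID="https://idp.example/constructed"><md:IDPSSODescriptor '
    'protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">'
    + _key("signing", SIGNING_DER) + _key("encryption", ENCRYPTION_DER)
    + '</md:IDPSSODescriptor></md:EntityDescriptor>')

# Thumbprint of the certificate that was uploaded (here: the constructed one).
UPLOADED_THUMBPRINT = hashlib.sha1(SIGNING_DER).hexdigest()

def signing_thumbprints(metadata_xml):
    """SHA-1 thumbprints (uppercase hex) of the IdP signing certs in the metadata."""
    found = []
    root = ET.fromstring(metadata_xml)
    for kd in root.findall(".//md:IDPSSODescriptor/md:KeyDescriptor", NS):
        # A KeyDescriptor without a 'use' attribute covers signing as well.
        if kd.get("use", "signing") != "signing":
            continue
        for cert in kd.findall(".//ds:X509Certificate", NS):
            der = base64.b64decode("".join((cert.text or "").split()))
            found.append(hashlib.sha1(der).hexdigest().upper())
    return found

def normalize(thumbprint):
    # Pasted thumbprints often carry spaces, colons or invisible characters.
    return "".join(c for c in thumbprint.upper() if c in "0123456789ABCDEF")

def metadata_matches(metadata_xml, expected_thumbprint):
    return normalize(expected_thumbprint) in signing_thumbprints(metadata_xml)

if __name__ == "__main__":
    print(signing_thumbprints(SAMPLE_METADATA))
    print(metadata_matches(SAMPLE_METADATA, UPLOADED_THUMBPRINT))
```

A mismatch means the metadata is advertising a different certificate than the one uploaded, which points back at the key container name referenced in the SAML technical profile.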