Channel: Claims based access platform (CBA), code-named Geneva forum

Custom IssuerNameRegistry


Hi

I wrote my own IssuerNameRegistry based on the code of the ConfigurationBasedIssuerNameRegistry. It's the same except the Dictionary is concurrent and I don't load the trusted issuers from the web.config. We wanted to be able to authenticate against ADFS 2.0 servers of our customers.

Everything worked fine until my boss wanted to be listed in Azure. The test against a Microsoft testing environment worked well and the next step was to test against the production environment, where it failed with the annoying ID4175 exception: The issuer of the security token was not recognized by the IssuerNameRegistry.
Since we faced this exception several times - because the customer hadn't provided the correct thumbprint - I trace the provided thumbprint of the token certificate and the registered issuer certificate thumbprints. It was always a thumbprint mismatch, so copying the thumbprint from the trace and pasting it into the configuration was always the solution. Not so now: the provided thumbprint equals the one that is registered on our side.

I can't understand this behavior especially because it works well with Microsoft's testing environment and the thumbprints do match. Does anyone have an idea what else could be the problem? Or is this exception thrown somewhere else?

I appreciate any advice.
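
An added example, not the poster's code: a thumbprint-keyed registry of the kind described in the post, which normalizes thumbprints on both sides of the comparison and traces the presented value when no entry matches. It assumes the .NET 4.5 `System.IdentityModel.Tokens` types; the names `ConcurrentIssuerNameRegistry`, `Normalize`, `AddTrustedIssuer` and `RemoveTrustedIssuer` are hypothetical.

```csharp
using System;
using System.Collections.Concurrent;
using System.Diagnostics;
using System.IdentityModel.Tokens;
using System.Linq;

// Hypothetical class; trusted issuers are registered at run time, not from web.config.
public sealed class ConcurrentIssuerNameRegistry : IssuerNameRegistry
{
    // Normalized thumbprint -> issuer name.
    private readonly ConcurrentDictionary<string, string> _issuers =
        new ConcurrentDictionary<string, string>(StringComparer.Ordinal);

    // Keep only hex digits and upper-case them, so spaces or other stray
    // characters from copy and paste cannot make two equal thumbprints differ.
    public static string Normalize(string thumbprint)
    {
        if (thumbprint == null) throw new ArgumentNullException("thumbprint");
        return new string(thumbprint.Where(Uri.IsHexDigit).ToArray()).ToUpperInvariant();
    }

    public void AddTrustedIssuer(string thumbprint, string issuerName)
    {
        string key = Normalize(thumbprint);
        if (key.Length != 40) // a SHA-1 thumbprint is 20 bytes = 40 hex digits
            throw new ArgumentException("Not a SHA-1 certificate thumbprint.", "thumbprint");
        _issuers[key] = issuerName;
    }

    public bool RemoveTrustedIssuer(string thumbprint)
    {
        string ignored;
        return _issuers.TryRemove(Normalize(thumbprint), out ignored);
    }

    public override string GetIssuerName(SecurityToken securityToken)
    {
        if (securityToken == null) throw new ArgumentNullException("securityToken");
        var x509 = securityToken as X509SecurityToken;
        if (x509 == null) return null; // only certificate-signed tokens are handled

        string presented = Normalize(x509.Certificate.Thumbprint);
        string issuerName;
        if (_issuers.TryGetValue(presented, out issuerName)) return issuerName;

        // Trace what was presented so a mismatch can be diagnosed from the log.
        Trace.TraceWarning("Untrusted issuer certificate: thumbprint={0}, subject={1}",
            presented, x509.Certificate.Subject);
        return null; // null = issuer not recognized by this registry
    }
}
```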

