Win2003 Certs

I was working on installing a ServiceBus 1.1 client app on a Windows 2003 server.  I installed the server certs and crl on the client machine.  However I was still receiving the message:

System.UnauthorizedAccessException: The token provider was unable to provide a security token while accessing 
'https://myserver:9355/ServiceBusDefaultNamespace/$STS/Windows/'. Token provider returned message: 
'The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.'.
 ---> System.IdentityModel.Tokens.SecurityTokenException: The token provider was unable to provide a security 
 token while accessing 'https://myserver:9355/ServiceBusDefaultNamespace/$STS/Windows/'. 
 Token provider returned message: 'The underlying connection was closed: Could not establish trust relationship
 for the SSL/TLS secure channel.'. ---> System.Net.WebException: The underlying connection was closed: Could not
  establish trust relationship for the SSL/TLS secure channel. ---> 
  System.Security.Authentication.AuthenticationException: The remote certificate is
   invalid according to the validation procedure.

When I viewed https://myserver:9355/ServiceBusDefaultNamespace in the browser the cert had an exception of "This certificate has an nonvalid digital signature."
I looked at the cert in certmanager and noticed the signing algorithm was 1.2.840.113549.1.1.11  Apparently the SHA256 algorithm was not installed on the server.  I had to apply a hotfix from http://support.microsoft.com/kb/938397

Print | posted on Tuesday, October 8, 2013 12:13 PM