ASP.NET ADFS integration certificate error

Posted: 2020-07-06 10:46

I have an asp.net website that uses ADFS authentication to let users access the site.

I have configured the website in ADFS and made changes to web.config based on the configuration received from the RP.

When I type the URL, it is redirected to the ADFS site, where I enter valid credentials. The token is issued by ADFS (I checked the logs). However, after being redirected back to my website, I see the following exception.

The X.509 certificate CN=staging.companynet.com, O=Company, L=Issy-Les-Moulineaux, S=Ile-de-France, C=FR is not in the trusted people store. The X.509 certificate CN=staging.companynet.com, O=Company, L=Issy-Les-Moulineaux, S=Ile-de-France, C=FR chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain could not be built to a trusted root authority.

More information about the exception details:

The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain could not be built to a trusted root authority.

[SecurityTokenValidationException: ID4257: X.509 certificate 'CN=staging.companynet.com, O=Company, L=Issy-Les-Moulineaux, S=Ile-de-France, C=FR' validation failed by the token handler.]
   Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.ValidateToken(SecurityToken token) +1584
   Microsoft.IdentityModel.Tokens.SecurityTokenHandlerCollection.ValidateToken(SecurityToken token) +127
   Microsoft.IdentityModel.Web.TokenReceiver.AuthenticateToken(SecurityToken token, Boolean ensureBearerToken, String endpointUri) +147
   Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.SignInWithResponseMessage(HttpRequest request) +508
   Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args) +323
   System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +142
   System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step) +75
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +93

The certificate is already installed in "Trusted Root Certification Authorities". I have configured the same website on another server environment and it works fine. The only difference I see is that when I open the certificate on the new server, on the first tab I see a note saying "Windows does not have enough information to verify this certificate", whereas on the other server it shows "This certificate is intended for the following purposes....." Another difference is that on the "Certification Path" tab it shows "The issuer of this certificate could not be found.", where on the other server it shows "This certificate is OK." Could this be the cause of this error? How do I fix it?

Answer 1

It turned out that the server's network access was restricted. Under the certificate "Details" tab, "Authority Information Access" has a URL referred to as the "Access Method". I unblocked the mentioned URL on the server, and the certification path started showing the certificate as valid. The error went away after that.
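The answer above describes the root cause: chain building fails because the server cannot reach the issuer's Authority Information Access (AIA) URL. The following PowerShell script is an added diagnostic, not code from the original thread; it assumes it is run on the web server and that `$Thumbprint` is set to the thumbprint of the certificate named in the error. It builds the chain the same way WIF's ChainTrust mode does, prints the chain status, extracts the AIA URLs from the certificate and tests whether each one is reachable, and checks whether the certificate is in the Trusted People store (consulted by PeerTrust).

```powershell
# Added diagnostic. Assumption: $Thumbprint is the thumbprint of the certificate from the error message.
param([string]$Thumbprint = "<thumbprint-of-signing-certificate>")

$cert = Get-ChildItem -Path Cert:\LocalMachine -Recurse |
    Where-Object { $_.Thumbprint -eq $Thumbprint } |
    Select-Object -First 1
if (-not $cert) { throw "Certificate $Thumbprint not found in any LocalMachine store" }

# Build the chain with online revocation checking, as ChainTrust validation does
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::Online
$chain.ChainPolicy.RevocationFlag = [System.Security.Cryptography.X509Certificates.X509RevocationFlag]::ExcludeRoot
$chain.ChainPolicy.UrlRetrievalTimeout = [TimeSpan]::FromSeconds(15)
$ok = $chain.Build($cert)
"Chain builds to a trusted root: $ok"
foreach ($s in $chain.ChainStatus) { "  status: $($s.Status) - $($s.StatusInformation.Trim())" }
foreach ($el in $chain.ChainElements) { "  element: $($el.Certificate.Subject)" }

# Extract the AIA extension (OID 1.3.6.1.5.5.7.1.1) and test each URL it contains.
# A blocked URL here is exactly the condition described in the answer.
$aia = $cert.Extensions | Where-Object { $_.Oid.Value -eq '1.3.6.1.5.5.7.1.1' }
if ($aia) {
    $urls = [regex]::Matches($aia.Format($true), 'https?://\S+') | ForEach-Object { $_.Value }
    foreach ($u in $urls) {
        try {
            $resp = Invoke-WebRequest -Uri $u -UseBasicParsing -TimeoutSec 10
            "  AIA reachable:   $u (HTTP $($resp.StatusCode))"
        } catch {
            "  AIA unreachable: $u -> $($_.Exception.Message)"
        }
    }
} else {
    "  certificate carries no AIA extension; the issuer must be installed locally"
}

# PeerTrust / PeerOrChainTrust look in the Trusted People store, not Trusted Root
$peer = Get-ChildItem Cert:\LocalMachine\TrustedPeople | Where-Object { $_.Thumbprint -eq $Thumbprint }
"Present in Trusted People store: $([bool]$peer)"
```

If the chain fails only with an "unreachable" AIA line, fixing the network path (or installing the issuing CA certificate in the Intermediate Certification Authorities store) is the right repair; lowering `certificateValidationMode` to `None` only hides the failure.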