I have ADFS in my environment and it's currently authenticating via Active Directory perfectly fine. I'm trying to enable certificate authentication so they can authenticate with their smart cards. Currently, the smart cards are imported into their AD accounts and they can successfully get prompted to select the correct certificate and log in (just not from ADFS). I also checked that the clients' root CAs are all located within the Trusted Root Certification Authorities certificate store and they're all present.
Within ADFS, I have certificate authentication enabled, inbound port 49443 (inbound from client to ADFS server), and the certificate login selection is showing on the ADFS login page. When I hit certificate login I receive the following error:
" An error occurred. No valid client certificate found in the request. No valid certificates found in the user's certificate store. Please try again after closing and reopening the browser and choose a different authentication method.
Activity ID: 25ef4526-fcb4-4f64-0c00
Error details: MSIS7121: The request did not contain a valid client certificate that can be used for authentication. This occurs when there are no valid certificates on the client computer, for example if all certificates have expired or been revoked. Error Code: 0x490
Node name: a22ee49a-fa2d
Error time: Tue, 20 Dec 2022 14:55:31 GMT
Cookie: enabled
User agent string: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36"
I get this whether I'm on a client computer or directly on the ADFS server itself in a web browser. Has anyone ever encountered this?