I'm trying to configure a "secure" SharePoint Web Application that uses ADFS Claims, Token Signing and Token Encryption.
I've managed to get ADFS working with Token Signing but am struggling with the Token Encryption feature that adds additional security to the system (even though all comms are over SSL).
When I add the Token Encryption certificate into the relevant tab on the Relying Party Trust on the ADFS GUI I get the following error when logging in to the SharePoint Application:
[SecurityTokenException: ID4014: A SecurityTokenHandler is not registered to read security token ('EncryptedData', 'http://www.w3.org/2001/04/xmlenc#').]
It seems that SharePoint isn't able to Decrypt the token, even though the relevant certificate has been installed and the "SP Trusted Root Authority" has been created.
I've seen a few articles that suggest you have to manually update the web.config file with some code to enable the Token Decryption process but none of them make much sense to my non-coding brain.
Cheers for now
Russell
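As an added illustration (not part of Russell's post, and not SharePoint's own shipped configuration), this is the shape of the web.config change that the articles he mentions refer to. It targets WIF 3.5 (the Microsoft.IdentityModel 3.5.0.0 assembly that SharePoint 2010 uses): it registers the handler that reads `EncryptedData`, which is exactly what ID4014 says is missing, and tells WIF which certificate holds the private key for decryption. Assumptions: the web application's web.config already contains a `<microsoft.identityModel><service>` section with SharePoint's own token handlers (leave those in place), the decryption certificate is in LocalMachine\My with its private key readable by the application pool account, and the thumbprint is a placeholder.

```xml
<!-- Added example, not from the original post or from SharePoint's default web.config.
     Assumes WIF 3.5 (Microsoft.IdentityModel 3.5.0.0); the thumbprint is a placeholder. -->
<microsoft.identityModel>
  <service>
    <securityTokenHandlers>
      <!-- Do not <clear /> here: SharePoint's existing handlers must stay registered.
           This adds the handler that unwraps <EncryptedData> before the SAML handler runs. -->
      <add type="Microsoft.IdentityModel.Tokens.EncryptedSecurityTokenHandler, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
    </securityTokenHandlers>

    <!-- The certificate whose private key decrypts the token. Its public half is the
         one uploaded on the Encryption tab of the Relying Party Trust in ADFS. -->
    <serviceCertificate>
      <certificateReference x509FindType="FindByThumbprint"
                            findValue="0000000000000000000000000000000000000000"
                            storeLocation="LocalMachine"
                            storeName="My" />
    </serviceCertificate>
  </service>
</microsoft.identityModel>
```

Two checks worth doing before blaming the config: confirm the certificate in LocalMachine\My has a private key (a public-only .cer import will never decrypt anything), and confirm the application pool identity has read access to that private key. Note that the "SP Trusted Root Authority" entry only establishes trust in the token-signing chain; it plays no part in decryption. Whether SharePoint's own trusted-provider sign-in pipeline honours a handler added this way is not something this post establishes, so treat the fragment as the WIF-level change, not a guaranteed SharePoint fix.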