2014-11-14

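In our SharePoint 2010 farm, we renewed our SSL certificate, and after the renewal we started getting the following error in the event log (SharePoint 2010 farm, SharePoint Security Token Service validation error):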

Event ID 8311
An operation failed because the following certificate has validation errors:

    Subject Name: CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US
    Issuer Name: CN=SharePoint Root Authority, OU=SharePoint, O=Microsoft, C=US
    Thumbprint:

    Errors:

    RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate.

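The sites are working fine with the correctly renewed certificate. Even the claims authentication between SharePoint and the custom security application works fine. But some services, such as search, are having serious problems and do not work properly in SharePoint, giving the following error: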

The requested service, 'http://server:32843/f6a9024b8bbe48ebae7e9ffc8f5809dd/SearchService.svc' could not be activated. See the server's diagnostic trace logs for more information. 
Stack trace: 
Server stack trace: 
at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory factory, WebException responseException, ChannelBinding channelBinding) 

When I run the Get-SPSite command in PowerShell, I get the following error:

Get-SPSite : ID4257: X.509 certificate 'CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US' validation failed by the token handler. 

I am not able to deactivate/activate any feature on the server; it throws the certificate error.

I have tried the following:

1. Recreating the local trust relationship using the following commands:
    $rootCert = (Get-SPCertificateAuthority).RootCertificate 
    New-SPTrustedRootAuthority -Name "localNew" -Certificate $rootCert 

2. Adding the "SharePoint Root Authority" certificate to the certificate store on each server in the farm. In the MMC, under the SharePoint certificates, the "SharePoint Security Token Service" certificate is displayed under the "SharePoint Root Authority" certificate.

Did you find a solution? I am having this issue on my SharePoint box as well. – kdurga 2015-01-14 11:27:30

@kdurga No solution found yet. I have a support ticket open with Microsoft, and I will post any findings as soon as there is an update. Have you tried the solutions in the articles http://support.microsoft.com/kb/2545744 and http://blogs.msdn.com/b/kaushal/archive/2012/10/15/disable-client-certificate-revocation-check-on-iis.aspx?wwparam=1419439265 and http://blogs.msdn.com/b/chaun/archive/2014/05/01/best-practices-for-crl-checking-on-sharepoint-servers.aspx ? Usually this issue can be resolved by one of the methods mentioned above. Let me know if this helps you. – KayEye 2015-01-14 16:21:46

'New-SPTrustedRootAuthority' worked for me, but I had to run 'iisreset' on all boxes in the farm. – 2015-03-04 15:41:59

Answer

I had a similar problem; our symptoms were:

<EventID>8311</EventID> 
... 
<Data Name="string3">NotTimeValid: Unknown error.</Data> 

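The root cause was that the site surfaced SSRS (on the same host), and it was the SSRS certificate (SSRS has a different binding engine from IIS) that had expired, but it was logged by SharePoint.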
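
A read-only diagnostic for the two chain errors reported on this page (RevocationStatusUnknown and NotTimeValid), as an added example that is not part of the original posts: it builds an X.509 chain for every certificate in the listed stores and prints the chain status flags next to the expiry date. The store list and the function name Test-CertificateChain are assumptions; the syntax is kept compatible with PowerShell 2.0.

```powershell
# Added diagnostic example (read-only).
# Assumption: these certificate stores exist on the server; adjust the list as needed.
$stores = 'Cert:\LocalMachine\My', 'Cert:\LocalMachine\SharePoint'

function Test-CertificateChain {
    param(
        [Parameter(Mandatory = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [string]$Store
    )
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    # Check revocation online for every certificate below the root, so that an
    # unreachable CRL is reported as RevocationStatusUnknown instead of being skipped.
    $chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::Online
    $chain.ChainPolicy.RevocationFlag = [System.Security.Cryptography.X509Certificates.X509RevocationFlag]::ExcludeRoot
    $chain.ChainPolicy.UrlRetrievalTimeout = New-TimeSpan -Seconds 15

    $chainValid = $chain.Build($Certificate)
    # Collect every status flag (NotTimeValid, UntrustedRoot, RevocationStatusUnknown, ...).
    $flags = @($chain.ChainStatus | ForEach-Object { $_.Status.ToString() })
    $chain.Reset()

    New-Object PSObject -Property @{
        Store      = $Store
        Subject    = $Certificate.Subject
        Thumbprint = $Certificate.Thumbprint
        NotAfter   = $Certificate.NotAfter
        ChainValid = $chainValid
        Status     = ($flags -join ', ')
    }
}

$report = foreach ($path in $stores) {
    if (-not (Test-Path $path)) { Write-Warning "Store not found: $path"; continue }
    Get-ChildItem $path | ForEach-Object { Test-CertificateChain -Certificate $_ -Store $path }
}

# Failing chains first, then the certificates closest to expiry.
$report | Sort-Object ChainValid, NotAfter |
    Select-Object Store, Subject, Thumbprint, NotAfter, ChainValid, Status |
    Format-Table -AutoSize -Wrap
```

Run it on each server in the farm under an account that can read the local machine stores; an empty Status column with ChainValid set to True means the chain built without errors.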