2014-11-14

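SharePoint 2010 farm: SharePoint Security Token Service validation error

In our SharePoint 2010 farm we renewed our SSL certificate, and after the update we started getting the following error in the event log: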

Event ID 8311
An operation failed because the following certificate has validation errors:

Subject Name: CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US
Issuer Name: CN=SharePoint Root Authority, OU=SharePoint, O=Microsoft, C=US
Thumbprint:

Errors:

RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate.

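The sites generally work with the correct renewed certificate. Even claims authentication between SharePoint and a custom security application works fine. But some services, such as Search, are having serious problems and do not work properly in SharePoint, giving the following error: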

The requested service, 'http://server:32843/f6a9024b8bbe48ebae7e9ffc8f5809dd/SearchService.svc' could not be activated. See the server's diagnostic trace logs for more information. 
Stack trace: 
Server stack trace: 
at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory factory, WebException responseException, ChannelBinding channelBinding) 

When I run the Get-SPSite command in PowerShell, I get the following error:

Get-SPSite : ID4257: X.509 certificate 'CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US' validation failed by the token handler. 

I am not able to deactivate/activate any feature on the server; it throws the certificate error.

I have tried the following:

1. Recreating the local trust relationship using following commands 
    $rootCert = (Get-SPCertificateAuthority).RootCertificate 
    New-SPTrustedRootAuthority -Name "localNew" -Certificate $rootCert 

2. Adding "SharePoint Root Authority" certificate to certificate store on each server in the farm, in mmc SharePoint certificates "SharePoint Security Token Service" certificate is displayed under "SharePoint Root Authority" certificate. 

Did you find a solution? I have this issue on my SharePoint box too. – kdurga 2015-01-14 11:27:30

@kdurga No solution found yet. I have a support ticket open with Microsoft, and I will post any findings as soon as there is an update. Have you tried the solutions in the articles http://support.microsoft.com/kb/2545744 and http://blogs.msdn.com/b/kaushal/archive/2012/10/15/disable-client-certificate-revocation-check-on-iis.aspx?wwparam=1419439265 and http://blogs.msdn.com/b/chaun/archive/2014/05/01/best-practices-for-crl-checking-on-sharepoint-servers.aspx ? Usually this issue can be resolved by one of the methods mentioned above. Let me know if this helps you. – KayEye 2015-01-14 16:21:46

'New-SPTrustedRootAuthority' worked for me, but I had to run 'iisreset' on all boxes in the farm – 2015-03-04 15:41:59

Answer

I had a similar problem too; our symptoms were:

<EventID>8311</EventID> 
... 
<Data Name="string3">NotTimeValid: Unknown error.</Data> 

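The root cause was that the site surfaced SSRS (on the same host), and it was the SSRS certificate (SSRS has a different binding engine from IIS) that had expired, but it was logged by SharePoint.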
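
A diagnostic for telling apart the two failure modes seen in this thread (RevocationStatusUnknown in the question, NotTimeValid in the answer), added here as an example and not taken from any of the posts: it builds the chain for every certificate in the given stores with .NET's X509Chain, once with online revocation checking and once without. The store paths and the function name Test-CertChain are assumptions for illustration.

```powershell
# Added example (not from the original posts). Written in PowerShell 2.0
# syntax so it also runs on SharePoint 2010 era servers.
param(
    # Assumption: stores to inspect. The SharePoint store holds the STS
    # certificate; LocalMachine\My holds other service certificates on the host.
    [string[]]$StorePath = @('Cert:\LocalMachine\SharePoint', 'Cert:\LocalMachine\My')
)

function Test-CertChain {
    param(
        [Parameter(Mandatory = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [System.Security.Cryptography.X509Certificates.X509RevocationMode]$RevocationMode = 'Online'
    )
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    try {
        $chain.ChainPolicy.RevocationMode = $RevocationMode
        $chain.ChainPolicy.RevocationFlag = 'EntireChain'
        $valid = $chain.Build($Certificate)
        # ChainStatus carries the same flag names that Event ID 8311 logs,
        # for example RevocationStatusUnknown or NotTimeValid.
        $status = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
        New-Object PSObject -Property @{
            Subject    = $Certificate.Subject
            Thumbprint = $Certificate.Thumbprint
            NotAfter   = $Certificate.NotAfter
            Revocation = $RevocationMode
            ChainValid = $valid
            Status     = $status
        }
    }
    finally {
        $chain.Reset()
    }
}

# Interpretation:
#   clean under NoCheck but RevocationStatusUnknown under Online
#       -> the server cannot retrieve revocation data for the chain
#   NotTimeValid in either mode
#       -> a certificate in the chain is expired or not yet valid
Get-ChildItem -Path $StorePath | ForEach-Object {
    Test-CertChain -Certificate $_ -RevocationMode Online
    Test-CertChain -Certificate $_ -RevocationMode NoCheck
} | Select-Object Subject, Thumbprint, NotAfter, Revocation, ChainValid, Status |
    Format-Table -AutoSize
```

Run it on each server in the farm, since the event is logged by whichever host performs the validation.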