{"id":4251,"date":"2019-07-10T07:10:29","date_gmt":"2019-07-10T07:10:29","guid":{"rendered":"https:\/\/pariswells.com\/blog\/?p=4251"},"modified":"2019-07-10T07:10:29","modified_gmt":"2019-07-10T07:10:29","slug":"azure-mfa-user-portal-the-remote-certificate-is-invalid-according-to-the-validation-procedure","status":"publish","type":"post","link":"https:\/\/pariswells.com\/blog\/research\/azure-mfa-user-portal-the-remote-certificate-is-invalid-according-to-the-validation-procedure","title":{"rendered":"Azure MFA user Portal &#8211; The remote certificate is invalid according to the validation procedure."},"content":{"rendered":"<p id=\"oUIaPPq\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-4252 size-medium alignleft img-responsive\" src=\"https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2019\/07\/img_5d258e8642775-300x156.png\" alt=\"\" width=\"300\" height=\"156\" srcset=\"https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2019\/07\/img_5d258e8642775-300x156.png 300w, https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2019\/07\/img_5d258e8642775-768x400.png 768w, https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2019\/07\/img_5d258e8642775.png 974w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/>\u00a0If you host your Azure MFA User Portal outside of your MFA Server e.g. in a DMZ , the User portal server has to speak to this MFA server via SSL using the SDK and also via a certificate. Make sure the SSL of you MFA server is valid. It might be self signed internally on that server ( cannot be from the domain as the DMZ server can&#8217;t speak to your domain ) so you need to create a new one and transfer it securely to the User portal and install it on the Trusted Root Authority\u00a0<\/p><p><strong>System.Security.Authentication<\/strong><\/p><p><strong><span class=\"st\"><em>This certificate cannot be verified up to a trusted<\/em> certification<\/span><\/strong><\/p>","protected":false},"excerpt":{"rendered":"<p>\u00a0If you host your Azure MFA User Portal outside of your MFA Server e.g. in a DMZ , the User portal server has to speak to this [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1464,2950,3030,1691,1500,850,3029],"class_list":["post-4251","post","type-post","status-publish","format-standard","hentry","category-research","tag-azure","tag-mfa","tag-phonefactor-net","tag-portal","tag-renew","tag-ssl","tag-the-remote-certificate-is-invalid-according-to-the-validation-procedure"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/4251","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/comments?post=4251"}],"version-history":[{"count":1,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/4251\/revisions"}],"predecessor-version":[{"id":4253,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/4251\/revisions\/4253"}],"wp:attachment":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/media?parent=4251"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/categories?post=4251"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/tags?post=4251"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}