The following is logged in the event log on an ADFS Proxy or ADFS Server:
Log Name: AD FS 2.0/Admin
Source: AD FS 2.0
Date: 15.09.2011 14:28:16
Event ID: 364
Task Category: None
Keywords: AD FS
User: NETWORK SERVICE
Encountered error during federation passive request.
System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException: An error occurred when verifying security for the message.
--- End of inner exception stack trace ---
System.ServiceModel.FaultException: An error occurred when verifying security for the message.
<TimeCreated SystemTime="2011-09-15T12:28:16.218750000Z" />
(…this suggests a time difference between the ADFS Proxy and STS servers of 1 hour or greater.)
Possible causes for Event ID 364:
– The time difference between the ADFS proxy and the ADFS server is too large (the clocks should be synchronized as closely as possible, manually or via the Windows Time service, W32Time).
– The SSL certificate of either the ADFS proxy or the ADFS server is failing revocation checking on either side (standard PKI troubleshooting applies).
– The SSL certificate of either the ADFS proxy or the ADFS server is unable to chain up to a Trusted Root on either side (verify all CA certificates in the chain are installed in the personal store of the application pool service account).
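
The three causes above can be checked from one side against the other with the following script. It is an added example, not part of the original note or of AD FS itself. The host name `adfs.example.com` and port 443 are assumptions to be replaced with the peer's real address.

```powershell
# Added example. $Target is a placeholder (assumption): the peer AD FS host as seen
# from this machine. Run on the proxy against the server, then the reverse.
param([string]$Target = 'adfs.example.com', [int]$Port = 443)

# Cause 1: clock offset between this machine and the peer, measured by w32tm.
$samples = & w32tm /stripchart /computer:$Target /samples:3 /dataonly 2>&1
$offsets = @()
foreach ($line in $samples) {
    if ("$line" -match ',\s*([+-]\d+\.\d+)s') {
        $offsets += [double]::Parse($Matches[1], [Globalization.CultureInfo]::InvariantCulture)
    }
}
if ($offsets.Count -gt 0) {
    "Clock offset to {0}: {1:N3} s (last sample)" -f $Target, $offsets[-1]
} else {
    "No offset samples returned; raw w32tm output follows:"; $samples
}

# Fetch the SSL certificate the peer presents. The callback accepts any certificate
# so that a failing one can still be retrieved and inspected; no request is sent.
$tcp = New-Object System.Net.Sockets.TcpClient($Target, $Port)
try {
    $accept = { $true } -as [System.Net.Security.RemoteCertificateValidationCallback]
    $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $accept)
    $ssl.AuthenticateAsClient($Target)
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
} finally { $tcp.Close() }

# Causes 2 and 3: build the chain with online revocation checking for every element.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::Online
$chain.ChainPolicy.RevocationFlag = [System.Security.Cryptography.X509Certificates.X509RevocationFlag]::EntireChain
$ok = $chain.Build($cert)

"Subject: {0}  NotAfter: {1:u}" -f $cert.Subject, $cert.NotAfter
"Chain valid with revocation check: $ok"
foreach ($s in $chain.ChainStatus) {
    # UntrustedRoot / PartialChain point to cause 3;
    # RevocationStatusUnknown / OfflineRevocation / Revoked point to cause 2.
    "  {0}: {1}" -f $s.Status, $s.StatusInformation.Trim()
}
foreach ($e in $chain.ChainElements) { "  element: " + $e.Certificate.Subject }
```

The chain is built with the certificate stores and network access of the account that runs the script, so run it as the AD FS service account to see what the service itself sees.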