Issue:
We were unable to update the Relying Party using the Update Federation Metadata button in ADFS, as can be seen in the screenshot below.
No errors were reported in the Event Viewer for this, and trying to reconfigure the Relying Party Trust failed as well.
Solution:
With ADFS and IFD, the problem has always been the certificates, so we went back to reviewing the certificates and noticed that the Network Service account did not have permission to read the certificate.
Making the change as shown below resolved the problem.
1. Use Manage Private Keys to bring up the permissions window.
2. Next, edit the Network Service account and give it Read permission.
3. Restarting the ADFS services after this allowed us to update the Federation Metadata.
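
The same check and change can be scripted. The following PowerShell is an added example, not part of the original post: it reports whether the account can read the certificate's private key file and, with `-Fix`, grants Read and restarts the service. The thumbprint is a placeholder you supply; the `LocalMachine\My` store and the `adfssrv` service name are assumptions. Run it from an elevated prompt.

```powershell
# Added example: audit (and optionally fix) read access to a certificate's private key.
param(
    [Parameter(Mandatory)] [string] $Thumbprint,            # placeholder: thumbprint of the affected certificate
    [string] $Account = 'NT AUTHORITY\NETWORK SERVICE',     # account named in the post
    [switch] $Fix                                           # without -Fix the script only reports
)

# Assumption: the certificate lives in the local machine's Personal store.
$cert = Get-Item "Cert:\LocalMachine\My\$Thumbprint" -ErrorAction Stop
if (-not $cert.HasPrivateKey) { throw "Certificate $Thumbprint has no private key on this machine." }

# Resolve the on-disk key file name for both CNG and legacy CSP keys.
$rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
if ($rsa -is [System.Security.Cryptography.RSACng]) {
    $keyName = $rsa.Key.UniqueName
} else {
    $keyName = $rsa.CspKeyContainerInfo.UniqueKeyContainerName
}

# Machine keys are stored in one of these two directories depending on the provider.
$keyDirs = "$env:ProgramData\Microsoft\Crypto\RSA\MachineKeys", "$env:ProgramData\Microsoft\Crypto\Keys"
$keyFile = Get-ChildItem -Path $keyDirs -Filter $keyName -ErrorAction SilentlyContinue | Select-Object -First 1
if (-not $keyFile) { throw "Private key file '$keyName' not found (non-RSA or hardware-backed key?)." }

# Compare by SID so localized or aliased account names still match.
$sid  = ([System.Security.Principal.NTAccount]$Account).Translate([System.Security.Principal.SecurityIdentifier])
$acl  = Get-Acl -Path $keyFile.FullName
$read = [System.Security.AccessControl.FileSystemRights]::Read
$hasRead = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier]) |
    Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $_.IdentityReference -eq $sid -and
        ($_.FileSystemRights -band $read) -eq $read
    }

if ($hasRead) {
    Write-Output "$Account already has Read on $($keyFile.FullName)"
} elseif ($Fix) {
    # Grant Read only, the same permission the post sets through Manage Private Keys.
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($Account, 'Read', 'Allow')
    $acl.AddAccessRule($rule)
    Set-Acl -Path $keyFile.FullName -AclObject $acl
    Restart-Service -Name adfssrv   # assumption: default AD FS service name
    Write-Output "Granted Read to $Account and restarted adfssrv"
} else {
    Write-Output "$Account is MISSING Read on $($keyFile.FullName); re-run with -Fix to grant it"
}
```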