这个问题通常是由于使用的证书不匹配或证书已经过期而引起的。可以使用以下代码来验证证书并解决该问题:
var handler = new Saml2SecurityTokenHandler(); handler.Configuration = new SecurityTokenHandlerConfiguration(); var certificateValidation = new X509CertificateValidationFlags(); certificateValidation |= X509CertificateValidationFlags.ChainTrust; certificateValidation |= X509CertificateValidationFlags.PeerTrust; certificateValidation |= X509CertificateValidationFlags.RevocationModeOnline; certificateValidation |= X509CertificateValidationFlags.RevocationFlagEntireChain; handler.Configuration.CertificateValidator = X509CertificateValidator.ChainTrust; handler.Configuration.ServiceCertificate = AppCertificate; handler.Configuration.CertificateValidationMode = X509CertificateValidationMode.Custom; handler.Configuration.CustomCertificateValidator = new ChainTrustValidator(certificateValidation);
其中,AppCertificate为应用程序证书。
通过上述代码,可以自定义验证证书的步骤,从而解决该问题。