When an automated task that contacts Microsoft to download the Microsoft Federation Metadata, the automated process contacts the ADFS URL to download, but returns an error. The Microsoft Office 365 Identity Platform Relying Party Trust shows a red X indicating the update failed. When manually kicked off, it works fine.
EventID 168: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Note: create a backup of the system registry before proceeding.
Remove the value of the trust mode control in the registry by editing the REG_DWORD "ClientAuthTrustMode" under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel. (Source: https://docs.microsoft.com/en-us/windows-server/security/tls/what-s-new-in-tls-ssl-schannel-ssp-overview).
Subscribing will provide email updates when this Article is updated. Login is required.