Topic
The following error is returned when trying to open any K2 site:
Server Error
WIF10201: No valid key mapping found for securityToken: 'System.IdentityModel.Tokens.X509SecurityToken' and issuer: 'WindowsSTS'
Instructions
Please ensure that the thumbprint saved in the areas listed below match with the thumbprint of the 'K2 STS Certificate':
- WindowsSTS web.config
- Go to {K2 Installation Folder}\WebServices\Identity\Sts\Windows.
- Open the web.config on any text editor.
- Look for
<add key="Thumbprint"and check the value mapped to it.
[Identity].[ClaimIssuer]table- Run the following query on the K2 database:
SELECT * FROM [Identity].[ClaimIssuer] WHERE [Issuer] = 'WindowsSTS' - Check the
[Thumbprint]returned by the query.
- Run the following query on the K2 database:
To determine the thumbprint of the 'K2 STS Certificate', you may follow the steps below:
- Open IIS Manager on the web server hosting the K2 site.
- Go to 'Server Certificates'.
- Look for the certificate with Name = 'K2 STS Certificate'. The Certificate Hash value is the thumbprint for this certificate.
If the web.config file or the [Identity].[ClaimIssuer] table has the wrong thumbprint, please contact Nintex Support to assist with updating the value.