If you performed an in-place upgrade of Windows Server 2012 to Windows Server 2012 R2 on a server running SharePoint Server, you may encounter the following error once the upgrade completes: when you try to open any SharePoint web application, this exception is shown:
WebHost failed to process a request.
Sender Information: System.ServiceModel.ServiceHostingEnvironment+HostingManager/12547953
Exception: System.ServiceModel.ServiceActivationException: The service '/SecurityTokenServiceApplication/securitytoken.svc' cannot be activated due to an exception during compilation. The exception message is: Exception has been thrown by the target of an invocation.. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.ArgumentNullException: Value cannot be null.
Parameter name: certificate
at System.IdentityModel.Tokens.X509SecurityToken..ctor(X509Certificate2 certificate, String id, Boolean clone, Boolean disposable)
at System.IdentityModel.Tokens.X509SecurityToken..ctor(X509Certificate2 certificate)
The error says that no certificate is specified for the Security Token Service (STS). To fix it, you need to replace the STS certificate:
- Open IIS Manager > Server Certificates > Create Self-Signed Certificate
- After that, export the created certificate to a local folder.
Next, run the following PowerShell script, which updates the certificate for the STS:
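    # Path and password of the PFX file exported from IIS Manager
    $pfxPath = "path to pfx"
    $pfxPass = "certificate password"
    # 20 = X509KeyStorageFlags Exportable (4) + PersistKeySet (16)
    $stsCertificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $pfxPath, $pfxPass, 20
    # Import the certificate as the STS signing certificate
    Set-SPSecurityTokenServiceConfig -ImportSigningCertificate $stsCertificate
    # Add the certificate to the machine's trusted root store
    certutil -addstore -enterprise -f -v root $stsCertificate
    # Restart IIS and the SharePoint Timer service so the change takes effect
    iisreset
    net stop SPTimerV4
    net start SPTimerV4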
After that, open the SharePoint web app again.
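
A check to run before and after the replacement script, added here as an example and not part of the original post: it reports whether the exported PFX can sign tokens (private key present, inside its validity window) and which certificate the STS is configured with afterwards. The function name Test-CertificateUsable and the PFX path are assumptions; the password is prompted for instead of being stored in the script.

```powershell
# Added example; run in the SharePoint Management Shell on the upgraded server.
function Test-CertificateUsable {
    # Emits one string per problem; no output means no problem was found.
    param(
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [switch]$RequirePrivateKey
    )
    if ($null -eq $Certificate) { 'no certificate configured'; return }
    $now = Get-Date
    if ($RequirePrivateKey -and -not $Certificate.HasPrivateKey) { 'private key missing' }
    if ($now -lt $Certificate.NotBefore) { "not valid before $($Certificate.NotBefore)" }
    if ($now -gt $Certificate.NotAfter)  { "expired on $($Certificate.NotAfter)" }
}

# Candidate PFX exported from IIS Manager (placeholder path, an assumption).
$pfxPath = 'C:\path\to\sts.pfx'
$candidate = $null
if (Test-Path -LiteralPath $pfxPath) {
    # Prompt for the password so it is not stored in the script.
    $pfxPass = Read-Host -Prompt 'PFX password' -AsSecureString
    # Default key storage flags: this inspection does not persist the key.
    $candidate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $pfxPath, $pfxPass
    $problems = @(Test-CertificateUsable $candidate -RequirePrivateKey)
    if ($problems.Count) { Write-Warning "PFX: $($problems -join '; ')" }
    else { "PFX OK: $($candidate.Thumbprint), valid until $($candidate.NotAfter)" }
}

# The certificate the STS is configured to sign with right now.
if (Get-Command Get-SPSecurityTokenServiceConfig -ErrorAction SilentlyContinue) {
    $current = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate
    $problems = @(Test-CertificateUsable $current)
    if ($problems.Count) { Write-Warning "STS: $($problems -join '; ')" }
    elseif ($candidate -and $current.Thumbprint -eq $candidate.Thumbprint) {
        'STS is signing with the imported certificate'
    }
    else { "STS signing certificate: $($current.Thumbprint), valid until $($current.NotAfter)" }
}
```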