Problem:

The following is logged in the event log on an ADFS Proxy or ADFS Server:

Log Name:      AD FS 2.0/Admin
Source:        AD FS 2.0
Date:          15.09.2011 14:28:16
Event ID:      364
Task Category: None
Level:         Error
Keywords:      AD FS
User:          NETWORK SERVICE
Computer:      ADFSProxy01
Description:
Encountered error during federation passive request.

Additional Data:
Exception details:
System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException: An error occurred when verifying security for the message.
   --- End of inner exception stack trace ---

......
System.ServiceModel.FaultException: An error occurred when verifying security for the message.
....
Event Xml:
….   
<TimeCreated SystemTime="2011-09-15T12:28:16.218750000Z" />


(...this suggests a time difference between the ADFS Proxy and STS servers of 1 hour or greater.)

 

Possible causes for Event ID 364:

- The time difference between the ADFS proxy and the ADFS server is too big (should be synchronized as close together as possible - manually or via Win32Time)

- The SSL certificate of either the ADFS proxy or the ADFS server is failing revocation checking on either side (standard PKI troubleshooting applies).

- The SSL certificate of either the ADFS proxy or the ADFS server is unable to chain up to a Trusted Root on either side (verify all CA certificates in the chain are installed in the personal store of the application pool service account).