Hi.
I've been tasked with implementing SSPR into our environment utilising MIM and Azure MFA.
I had it all working perfectly, except for it wasn't applying the DefaultCountryCode from the MFASettings.xml file.....eventually managed to get that to work! but now i'm getting an error everytime a user tries to reset their password:
Exception: The specified network password is not correct.; StackTrace: at System.Security.Cryptography.CryptographicException.ThrowCryptogaphicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromFile(String fileName, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
at pf_auth.send_message(String target, String message, String cert_file_path, String& body)
at pf_auth.pf_authenticate_internal(PfAuthParams pfAuthParams, Boolean asynchronous, String& otp, Int32& call_status, Int32& error_id)
at Microsoft.IdentityManagement.AzureMfaServiceProvider.PhoneAzureMfaProvider.AzureMfaAuthenticate(PfAuthParams pfAuthParams, Int32& callStatus, Int32& errorId); InnerException null; callStatus=0, errorId=0, Certificate File Path: C:\Program Files\Microsoft Forefront Identity Manager\2010\Service\MFACerts\cert_key.p12
I've checked the account running the FIM Service and even tried reentering the credentials for this. I know they are correct as i can log in as that account.
Has anyone come across this before or can point me in the right direction?
Many Thanks
AG