Federated users in an Active Directory Federation Services (ADFS) environment experience authentication issues in Office 365, Intune, or Azure. When a federated user browses to their ADFS logon page at https://sts.contoso.com/ADFS/LS/IDPinitiatedSignOn.aspx, they receive a message that says that there's no Secure Sockets Layer (SSL) certificate.
Note: In the URL, "sts.contoso.com" represents your AD FS federation service name.
When you run the Single Sign-On Test in Microsoft Remote Connectivity Analyzer (testconnectivity.microsoft.com), the test fails when it tries to contact your ADFS endpoint, and you receive the following error message:
No certificate found
This issue may occur if Transport Layer Security (TLS) 1.0 is disabled on the ADFS server.
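To check this cause from a client before changing anything on the servers, the following added example (not part of the original article) attempts one handshake per TLS version against the federation endpoint and reports which versions are accepted. The function name Test-TlsProtocol is hypothetical, and sts.contoso.com is the article's placeholder for the federation service name.

```powershell
# Added example: probe which TLS versions an AD FS endpoint negotiates.
# Test-TlsProtocol is a hypothetical helper name, not a built-in cmdlet.
function Test-TlsProtocol {
    param(
        [Parameter(Mandatory)] [string] $HostName,
        [int] $Port = 443,
        [string[]] $Protocols = @('Tls', 'Tls11', 'Tls12')   # Tls = TLS 1.0
    )
    foreach ($name in $Protocols) {
        $row = [ordered]@{
            Host = $HostName; Protocol = $name
            Accepted = $false; CertSubject = $null; Error = $null
        }
        $client = New-Object System.Net.Sockets.TcpClient
        $stream = $null
        try {
            $client.Connect($HostName, $Port)
            $stream = New-Object System.Net.Security.SslStream($client.GetStream(), $false)
            $proto = [System.Security.Authentication.SslProtocols] $name
            # Offer exactly one protocol version so the result is unambiguous.
            $stream.AuthenticateAsClient($HostName, $null, $proto, $false)
            $row.Accepted = $true
            $row.CertSubject = $stream.RemoteCertificate.Subject
        }
        catch {
            # A handshake failure here can also mean that this client has the
            # protocol disabled, so compare results from a second machine.
            $row.Error = $_.Exception.GetBaseException().Message
        }
        finally {
            if ($stream) { $stream.Dispose() }
            $client.Close()
        }
        [pscustomobject] $row
    }
}

# sts.contoso.com is the article's placeholder federation service name.
Test-TlsProtocol -HostName 'sts.contoso.com' | Format-Table -AutoSize
```

A result where Tls is not accepted while a later version is accepted is consistent with the cause described above.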
Important: Follow the steps in this section carefully. Serious problems might occur if you change the registry incorrectly. Before you change it, back up the registry for restoration in case problems occur.
Make sure that TLS 1.0 is enabled on the ADFS servers in your environment. To do this, follow these steps on each server:
In Registry Editor, locate and then click the following registry subkey: