SharePoint 2019 Workflows stuck on starting with error None of the trusted issuers specified by the server’s 401 challenge match the client’s known issuer

Posted on December 30, 2020 by pgbhoyar

We recently deployed the Workflow Manager in SharePoint 2019 farm. After we deployed the April 2020 CU, the SharePoint 2013 style workflows were getting stuck on starting with the following error.

System.Net.WebException: The request was aborted: The request was canceled. —> System.InvalidOperationException: None of the trusted issuers specified by the server’s 401 challenge match the client’s known issuer ‘00000005-0000-0000-c000-000000000000@e2a61c0c-7b9c-4095-a643-554242c8cb17’. For reference, the following trusted issuers were returned by the server: 00000005-0000-0000-c000-000000000000*, 00000003-0000-0ff1-ce00-000000000000@e2a61c0c-7b9c-4095-a643-554242c8cb17.

The root cause of this error is incorrect RegisteredIssuerName in the SPTrustedSecurityTokenIssuer.

To resolve this issue,

  1. Start the SharePoint 2019 Management Shell using the Farm account
  2. Find the id of the existing SPTrustSecurityTokenIssuer using the cmdlet Get-SPTrustedSecurityTokenIssuer

    In the output, we need to look for the token issuers with the DisplayName as “00000005-0000-0000-c000-000000000000”. Copy the id which will be below the DisplayName

  3. Remove the existing SPTrustSecurityTokenIssuer using cmdlet Remove-SPTrustedSecurityTokenIssuer -Identity “Id we got in the step 2”
  4. Register new SPTrustSecurityTokenIssuer using the cmdlet

    If you are using https then

    New-SPTrustedSecurityTokenIssuer -Name “00000005-0000-0000-c000-000000000000” -MetadataEndPoint ‘https://workflowmanagerservername:12290/$System/$Metadata/json/1’ -RegisteredIssuerName “00000005-0000-0000-c000-000000000000@*”

    If you are using http then

    New-SPTrustedSecurityTokenIssuer -Name “00000005-0000-0000-c000-000000000000” -MetadataEndPoint ‘http://workflowmanagerservername:12291/$System/$Metadata/json/1’ -RegisteredIssuerName “00000005-0000-0000-c000-000000000000@*”

  5. Terminate the existing instance of the SharePoint 2013 styles workflows and re-run them.

You can find detailed information about this issue and it’s resolution here. https://techcommunity.microsoft.com/t5/sharepoint-support-blog/sharepoint-2019-issue-with-sharepoint-2013-workflows-post-april/ba-p/1440656

About pgbhoyar

Prashant G Bhoyar is a Microsoft AI MVP and Microsoft Certified Professional. He currently works as a Senior Solution Architect at WithumSmith+Brown, P.C. (formerly Portal Solutions), one of the top 30 advisory and accounting firms in the United States. He is a trusted advisor and Subject Matter Expert in Intelligent Business Process Automation, development and post-implementation adoption of complex custom solutions in AI, Machine Learning, Bots, Azure, Office 365, and SharePoint. Prashant has supported a multitude of government agencies and non-profit organizations in the Washington D.C. metropolitan area. Prashant is the co-author of the book “PowerShell for Office 365 “and is the technical reviewer of the book "Pro SharePoint 2013 Administration." He serves on the leadership committee for the Azure Data Fest conference, Artificial Intelligence Fest conference, Artificial Intelligence and Machine Learning User Group, DC Metro Office 365 User Group, SharePoint Saturday Baltimore event, and SharePoint Saturday Washington DC event. He is a renowned international speaker and actively speaks at technical conferences, most recently in India, Canada, England, Bangladesh, Peru , Washington DC, Austin, New York, Chicago, Seattle, New Orleans, Baltimore, Philadelphia. Fun fact??, Prashant is a recipient of the "Antarctic Service Medal of the United States of America" for his outstanding service in Antarctica.
This entry was posted in SharePoint 2019, SharePoint Designer 2013 Workflows, SharePoint Workflows, Workflow Manager. Bookmark the permalink.

Leave a comment