This is the default mode when you install ADFS, and when your certificate expires, you'll get something that looks like this:
The key to your answer is in the first line:
ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry.
All you need to do is insert the new thumbprint from your ADFS Token-signing certificate.
Make sure it's all in uppercase and that you haven't added any invalid character codes or spaces to the thumbprint, or you will continue to get this error message.
You are better served by generating another certificate for a longer period than the default 1 year. You can easily do this by opening Windows PowerShell and issuing the following:
First, add your snapin:
Show a list of your ADFS properties.
Set your certificate duration for 3 years.
Set-AdfsProperties -CertificateDuration 1095
Immediately update your issuing certificate. This will break any existing RPs that don't consume your Federation Metadata automagically.
Update: This year our cert automatically rolled over, requiring me not only to update our RPs with the latest certificate, but a custom web app I wrote needed the STS info updated to include BOTH Token Signing Certificate thumbprints.
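The thumbprint checks described above (uppercase, no spaces or hidden characters, and both token-signing thumbprints present after a rollover), as an added PowerShell example that is not part of the original post. The function names and all thumbprint values are constructed for illustration.

```powershell
# Added example, not from the original post. Function names and sample
# thumbprints are constructed for illustration.
function ConvertTo-CleanThumbprint {
    param([Parameter(Mandatory)][string]$Thumbprint)

    # Warn about anything that is neither a hex digit nor whitespace, such as
    # the invisible U+200E mark often copied from the certificate dialog.
    foreach ($c in $Thumbprint.ToCharArray()) {
        if ([string]$c -notmatch '^[0-9A-Fa-f\s]$') {
            Write-Warning ('Dropping unexpected character U+{0:X4}' -f [int]$c)
        }
    }

    # Keep only hex digits and force uppercase.
    $clean = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()

    # A SHA-1 certificate thumbprint is 20 bytes, i.e. 40 hex characters.
    if ($clean.Length -ne 40) {
        throw "Expected 40 hex characters, got $($clean.Length)."
    }
    return $clean
}

function Get-MissingIssuerThumbprint {
    param(
        [Parameter(Mandatory)][string[]]$Configured,  # values in the RP config
        [Parameter(Mandatory)][string[]]$Current      # token-signing certs in use
    )
    # Normalize both sides, then list current thumbprints the RP does not trust.
    $have = $Configured | ForEach-Object { ConvertTo-CleanThumbprint $_ }
    $Current | ForEach-Object { ConvertTo-CleanThumbprint $_ } |
        Where-Object { $have -notcontains $_ }
}

# Constructed sample: the value pasted into the RP config carries a hidden
# U+200E and spaces; after a rollover there are two token-signing certs.
$pasted  = [string][char]0x200E + 'a1 b2 c3 d4 e5 f6 07 18 29 3a 4b 5c 6d 7e 8f 90 a1 b2 c3 d4'
$current = 'A1B2C3D4E5F60718293A4B5C6D7E8F90A1B2C3D4',
           '0F1E2D3C4B5A69788796A5B4C3D2E1F00F1E2D3C'

ConvertTo-CleanThumbprint $pasted
Get-MissingIssuerThumbprint -Configured $pasted -Current $current
```

Any thumbprint returned by the second call belongs to a token-signing certificate that the relying party does not yet trust, so tokens signed with it would be rejected with ID4175.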