Scenario:
New physical DC running Server 2012 R2 (AD DS and DNS) with no other roles. Installed and configured AD FS. First server in a new farm. Service account created in AD for the farm servers. Wildcard certificate used. No problems with this part.
Trying to add a second server to the farm. This is an existing virtual DC running Server 2012 (not R2). Again no other roles other than AD DS and DNS. Installed AD FS. Running the configuration I select 'Add a federation server to an existing Federation Service'. I use the internal FQDN of the first server and select my service account (entering the password). I hit next and get the green progress bar for a few seconds then errors with the following...
"The primary federation server was contacted successfully, but the configuration data was not valid."
There is nothing in the AD FS logs. Tried a search and found nothing related to this specific message. I've tried importing the certificate manually before running the configuration. I've also associated the certificate with the default website.
Any suggestions would be greatly appreciated.
