KB ID 0001129
Problem
When installing the Active Directory Federation Services Role, you need to supply a certificate. I was running this up using a self signed wildcard certificate when this happened;
The certificate with the specified thumbprint {thumbprint} has a Cryptographic Next Generation (CNG) private key. The certificates with the CNG private key are not supported. Use a certificate based on a key pair generated by a legacy Cryptographic Service Provider.
Solution
I was generating a wildcard certificate using this method. By default it uses the CNG Key, you need to specify Legacy Key instead, (I’ve updated the post mentioned above to point out where that’s done).
Related Articles, References, Credits, or External Links
NA