Documents‎ > ‎4. Troubleshoots​‎ > ‎

Error: The root of the certificate chain is not a trusted root authority

This error message may appear when you redirect form STS site to SharePoint site after sign-in. The common reason should be the signing certificate is not installed in SharePoint Trusted store.
"Install.bat" should install the signing certificate in SharePoint trusted store but it will fail if you not have enough privilege to install this certificate to SharePoint trusted store, maybe windows UAC or user privilege prevent this.


You should run "install.bat" with enough privilege or install signing certificate manually in SharePoint trusted store. Regardless which method you choose, go to SharePoint Central Administration->Security->Manage trust and ensure the certificate installed properly.

Run "install.bat" with administrator privilege.

You can do one of the following to run bath file:

  • Run with "administrator" account. Account name should be exactly "administrator" not a user that exists in administrators group
  • Rub Batch File as Administrator
  • Turn off UAC (User Account Control)

Install signing certificate manually to SharePoint trusted store.

  1. Open SharePoint Central Administration->Security->Manage trust.
  2. Select New in Manage trust page and choose a name and the certificate file​ that have "Security Certificate (.cer)" file type.
  3. Press OK.