Error.The root of the certificate chain is not  a trusted root authority

This error message may appear when you redirect form STS site to  SharePoint site after sign-in. The common reason should be the signing  certificate is not installed in SharePoint Trusted store.Install.bat should  install the signing certificate in SharePoint trusted store but it will fail if you not  have enough privilege to install this certificate to SharePoint trusted store,  maybe windows UAC or user privilege prevent this. Solution You can run install.bat with enough privilege or install signing certificate manually in  SharePoint trusted store. Regardless which method you choose, go to SharePoint Central Administration->Security->Manage trust and ensure the certificate installed properly. Run install.bat with administrator privilege. You can do one of the following to run bath file: Run with "administrator" account. Account name should be exactly "administrator"  not a user that exists in administrators group Rub Batch File as Administrator Turn off UAC (User Account Control) Install signing certificate manually to SharePoint trusted store. Open SharePoint Central Administration->Security->Manage trust. Select New in Manage trust page and choose a name and the certificate file​ that have "Security Certificate (.cer)" file type. Press OK.