Sharepoint Security Token Service



I received this email from a friend of mine, who is not only a really badass Windows and Azure engineer, but a SharePoint badass too! Enjoy, and I hope it helps you.


Had an issue today on one of my developer's VMs. The Security Token Service stopped working, which caused several other service applications to fail: Managed Metadata Service, BCS, Secure Store Service, and more. A quick browse through the event log showed the following errors logged: Event 3, System.ServiceModel 3.0.0.0.

A Security Token Service is a software-based identity provider responsible for issuing security tokens, especially software tokens, as part of a claims-based identity system.

Go to IIS Manager, expand the Connections list and then Application Pools, and check whether the SharePoint Central Administration application pool and the Security Token Service application pool are started. Select "SecureTokenServiceApplicationPool" under SharePoint Web Services, then double-click ".NET Trust Levels" under Features View.

On Tue, Dec 10, 2019 at 8:45 AM -0500, “Brad Slagle” <addressremoved> wrote:

I created a new 2016 farm. Installation and the grey wizard completed without error. After getting CA open, I opened a SP2016 Management Shell and typed get-spsite. I got this error:

get-spsite : The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error.


I tried to re-provision the site STS and localhost:38843 was still not working.

I found some documentation somewhere that showed a local policy: Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> "Network security: Configure encryption types allowed for Kerberos"

It showed that you needed the following to be allowed:

RC4_HMAC_MD5
AES128_HMAC_SHA1
AES256_HMAC_SHA1

On my server the RC4_HMAC_MD5 option was not checked off. After allowing it and resetting IIS, the STS started working.

I found your article about rebuilding the STS on the blog, but my STS wouldn't start without that local policy, and I figured you should put an article on your blog about it. Also, the error about providing a meaningful reply really didn't turn up anything useful.

Just figured I could help you get a unique article on your blog that I have not seen anywhere else on the web.

Brad


Symptoms

In SharePoint Foundation 2010, you may experience one or more of the following symptoms:

  • You will see the message 'The requested service, http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas could not be activated' in the application event logs of the servers.
  • Users will not be able to log in to SharePoint sites that are using claims authentication.
  • SharePoint internal operations that rely on claims authentication will not function correctly.

Cause


This problem can be caused if one or more of the following conditions are true:

  • The .NET trust level for the secure token service is not set to 'Full' in IIS.
  • The application pool for the secure token service is not started or is using invalid credentials.

Resolution


In order to resolve this problem, you can try one of the following possible solutions:

  • From IIS Manager, click on the SecureTokenServiceApplication. In the 'Features View', double click on .NET Trust Levels. Ensure that the trust level is set to 'Full'.
  • From IIS Manager, ensure that the application pool for SecureTokenServiceApplication is running. By default, the name of the application pool is SecureTokenServiceApplicationPool.
