Führen Sie das folgende Skript aus:#Create a cookie signing cert from the On-Prem Server
$cert = New-SelfSignedCertificate -CertStoreLocation “Cert:\LocalMachine\My” -Provider “Microsoft Enhanced RSA and AES Cryptographic Provider” -Subject “CN=SharePoint Nonce Cookie Cert”
#Find the Private Key and Path
$privatekey_rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
$fileName = $privatekey_rsa.key.UniqueName
$path = “$env:ALLUSERSPROFILE\Microsoft\Crypto\RSA\MachineKeys\$fileName”
#Get current permisions for the Private Key
$permissions = Get-Acl -Path $path
#Modify permissions to include the “WSS_WPG” Group
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule( “$env:COMPUTERNAME\WSS_WPG”, “Read”, “None”, “None”, “Allow”)
$permissions.AddAccessRule($rule)
Set-Acl -Path $path -AclObject $permissions
#Set the Farm Properties with the Nonce Cookie using the new Cert
$f = Get-SPFarm
$f.Farm.Properties[‘SP-NonceCookieCertificateThumbprint’]=$cert.Thumbprint
$f.Farm.Properties[‘SP-NonceCookieHMACSecretKey’]=’seed’
$f.Farm.Update()