I received this error on a PowerShell script for cmdlets New-SPTrustedRootAuthority and New-SPTrustedServiceTokenIssuer
The name exceeds the maximum allowed length.
+ CategoryInfo : InvalidData:(Microsoft.Share...viceTokenIssuer:SPCmdletNewTrustedServiceTokenIssuer) [New-SPTrustedServiceTokenIssuer], ArgumentException
+ FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletNewTrustedServiceTokenIssuer
This actually has nothing at all to do with lengths of anything, but is caused when the Service Token Issuer certificate is not paired with a Trusted Root Authority.
In a scripted environment build, the commands were similar to below (names changed to protect the innocent).
(On the Providing Farm)
New-SPTrustedRootAuthority $consumingRootCert -Certificate $trustCert
New-SPTrustedServiceTokenIssuer $consumingSTSCert -Certificate $stsCert
The commands use the first parameter as an identifier for SharePoint. The value of the parameter MUST be the same for the two certificates coming from the same environment. For example,
New-SPTrustedRootAuthority "ConsumingFarmCertificates" -Certificate $trustCert
New-SPTrustedServiceTokenIssuer "ConsumingFarmCertificates" -Certificate $stsCert
If anyone comes across this post as a result of meeting this error and can’t interpret my advice, let me know by posting a reply and I’ll see where I can improve the explanation.
Shnuggets 