
Tridion Docs: How to configure ADFS to not validate the encryption certificate of a specific relying party end point

000020601 | 5/5/2023 4:10 PM
Scope/Environment
Tridion Docs 14
Question
For some reason the client tools get the following exception from the ADFS server:
ID3242 The security token could not be authenticated or authorized

In the event log of the ADFS server you see an error message:
 
MSIS7098: The certificate identified by thumbprint '1234ABCDCertificateThumbprint' is not valid. It might indicate that the certificate has been revoked, has expired, or that the certificate chain is not trusted.

How do I configure ADFS to not validate the encryption certificate of a specific relying party end point?
(For example, when the CRL cannot be retrieved from the Certificate Authority.)
Answer
Execute the following PowerShell command to get the list of relying parties in ADFS.
Get-AdfsRelyingPartyTrust | Select-Object -Property name
From this list, copy the name of the relying party for which you want to turn off the encryption certificate validation.
As an example, I'm using this name:
SDL.ISH - tridionDoc.base.url - ISHWS
Execute the following PowerShell commands to stop ADFS from validating the encryption certificate of that relying party end point. Note that the command sets the revocation check to None for both the signing certificate and the encryption certificate of the relying party:
$rpname = "SDL.ISH - tridionDoc.base.url - ISHWS"
Get-AdfsRelyingPartyTrust -Name $rpname | Set-AdfsRelyingPartyTrust -SigningCertificateRevocationCheck None -EncryptionCertificateRevocationCheck None
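
Because the command above leaves revocation checking off until someone turns it back on, the following added example (not part of the original article or of RWS tooling) saves the current values first, lists every relying party that has a check set to None, and restores the saved values later. The function names and the backup file path are hypothetical.

```powershell
# Added example (not from the article). Run in an elevated session on the AD FS server.
$rpName     = "SDL.ISH - tridionDoc.base.url - ISHWS"            # example name from the article
$backupFile = Join-Path $env:TEMP "adfs-rp-revocation-before.csv" # hypothetical path

function Save-RpRevocationSetting {
    # Hypothetical helper: writes the current revocation settings to a CSV file.
    param([string]$Name, [string]$Path)
    $rp = Get-AdfsRelyingPartyTrust -Name $Name
    if (-not $rp) { throw "Relying party trust '$Name' not found." }
    [pscustomobject]@{
        Name       = $rp.Name
        Signing    = "$($rp.SigningCertificateRevocationCheck)"
        Encryption = "$($rp.EncryptionCertificateRevocationCheck)"
    } | Export-Csv -Path $Path -NoTypeInformation
}

function Restore-RpRevocationSetting {
    # Hypothetical helper: re-applies the settings saved by Save-RpRevocationSetting.
    param([string]$Path)
    $saved = Import-Csv -Path $Path
    Set-AdfsRelyingPartyTrust -TargetName $saved.Name `
        -SigningCertificateRevocationCheck $saved.Signing `
        -EncryptionCertificateRevocationCheck $saved.Encryption
}

function Get-RpWithoutRevocationCheck {
    # Lists every relying party trust where either revocation check is None.
    Get-AdfsRelyingPartyTrust | Where-Object {
        "$($_.SigningCertificateRevocationCheck)" -eq 'None' -or
        "$($_.EncryptionCertificateRevocationCheck)" -eq 'None'
    } | Select-Object Name, SigningCertificateRevocationCheck, EncryptionCertificateRevocationCheck
}

# 1. Save the current values before running the article's Set-AdfsRelyingPartyTrust command.
Save-RpRevocationSetting -Name $rpName -Path $backupFile

# 2. After the change, confirm which trusts now skip revocation checking.
Get-RpWithoutRevocationCheck | Format-Table -AutoSize

# 3. Once the CRL is reachable again, put the saved values back:
# Restore-RpRevocationSetting -Path $backupFile
```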

 
Reference
https://www.torivar.com/2016/03/22/adfs-3-0-disable-revocation-check-windows-2012-r2/