The full error:
System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
Trying to get the Web Application Proxy on Server 2012 R2 working with the new ADFS.
Mr. Google to the rescue.
You need to export the certificate (the one behind the federation server name) and place it in the "Computer account" (not "My user account") under "Trusted Root Certification Authorities".
And while I'm on the subject:
Every time you try and install the proxy, it creates certificates under Personal called "ADFS ProxyTrust - machine name".
But if the installation fails. the old ones are not deleted.
Then I got the above error message but the thumbprint in the message was from a previous attempt not the latest.
So I uninstalled WAP and then deleted all these certificates- under "Local Computer - Personal - Certificates".
Then I went to the ADFS installation and under the Service tab - "Revoke All Proxies".
Then re-installed WAP.
Then it worked!