Users getting the following message after unsuccessful login:

WARNING: For added security, ensure the URL that you use comes from a legitimate source. To remove this warning message, an administrator must enable Single Sign-On spoofing protection.

When going to log into the DX NetOps Performance Management Portal web UI the above error is presented to users.

The error prevents successful log in to the web UI despite use of valid credentials.

Some users are able to access the web UI using different browsers, though these aren't browsers supported for use in the environment.

All supported DX NetOps Performance Management releases

Current browser security settings require that the alias used to access the URL be listed as one of the available SAN entries in the website.

This is true even if the site is HTTP.

workaround - 

use SsoConfig to set the remote value for Web Site Host to match the name or IP you are using in the URL when you launch the browser.

usually this will be the FQDN, but sometimes the IP address is used.

This is resolved using one of two methods.

1. If able to access the Web UI using an alternative browser, the UI can be used to correct the configuration and eliminate the error.
   1. Follow the steps found on the Configure Login URL Protection documentation topic.
2. Unable to access the Web UI via supported nor alternative browsers?
   1. Documentation suggests ability to configure this via the SsoConfig tool run on the Portal web server terminal CLI.
   2. At this time that option isn't found in the SsoConfig options for 21.2.12+ releases when this was introduced. 
      1. It is considered a defect and has been submitted to engineering as DE544546.
      2. The solution will be to update SsoConfig. Support for Login URL Protection configuration will be added to the SsoConfig tool options.
      3. Information is current as of August 30th, 2022. Watch this KB for updates regarding release a solution will be added to.