When configuring OpenID Connect in Messaging Gateway via the Administration > OpenID Connect page, the Discover button generates a Connection Refused error if SMG is configured to use a proxy server and that proxy server is required to connect to the OpenID server.

The Control Center web application isn't using the proxy settings from Administration > Configuration > host > Proxy to connect to the OpenID server and is, instead, attempting to connect directly to the discovery URL.

BrightmailLog.log:

Aug 27 2024 09:54:56 [https-jsse-nio-443-exec-3] [OidcFlow] ERROR - Error occured while fetching IDP metadata. Exception:  
java.net.ConnectException: Connection refused (Connection refused)"

This is a known issue and will be corrected in a future release of the SMG product. 

There is currently no workaround and the Messaging Gateway Control Center will need to be able to connect directly to the OpenID server.