OpsMan ADFS SAML authentication fails with "This page isn't working right now" "ERR_TOO_MANY_REDIRECTS" errors
search cancel

OpsMan ADFS SAML authentication fails with "This page isn't working right now" "ERR_TOO_MANY_REDIRECTS" errors

book

Article ID: 381670

calendar_today

Updated On: 01-06-2025

Products

VMware Tanzu Kubernetes Grid Integrated Edition Ops Manager

Issue/Introduction

OpsMan is integrated with ADFS for SAML authentication. The browser shows "This page isn't working right now" "ERR_TOO_MANY_REDIRECTS" errors.

Environment

OpsMan v3.0

Cause

There may be a mismatch between OpsMan SAML certificate and the one imported in ADFS Relying Party Trust.

Resolution

  1. Get the OpsMan SAML certificate thumbprint. The certificate can be found in OpsMan > Settings > SAML Settings.
    # openssl x509 -in <certificate>.crt -noout -fingerprint
  2. Get the thumbprint of the certificate configured in ADFS Relying Party Trust:
    In ADFS – “(Get-ADFSRelyingPartyTrust -Name <NAME>).encryptioncertificate”
  3. Compare both thumbprints.
  4. If different, import the OpsMan SAML certificate into ADFS Relying Party Trust.
    Steps on how to configured ADFS as OpsMan IDP can be found in https://techdocs.broadcom.com/us/en/vmware-tanzu/platform/tanzu-operations-manager/3-0/tanzu-ops-manager/opsguide-adfs-sso-configuration.html#adfs 

If the above checks don't resolve the issue, further troubleshooting steps can be found in KB How to troubleshoot and fix Operations Manager authentication issues with SAML IdP