• While entering Orchestrator UI the following image is present: ${message}

• Following log trace is present in orchestrator logs:
  

  null, defaultTenant = vsphere.local, ssoClockTolerance = 300, tokenLifetimeInSeconds = 7776000, ssoTokenRenewCount = 5 (message: Required parameters are missing: username and/or password.)com.vmware.o11n.configuration.authentication.exception.MandatoryParameterMissingException: error.missing.credentials        at 

• following log trace is present inside websso.log from vcenter:
  

  ERROR websso[80:tomcat-http--31] [CorId=XXXXXXXXX] [com.vmware.identity.samlservice.AuthnRequestState] Could not validate the signature against message.java.lang.IllegalStateException: Signature verification failed.        at com.vmware.identity.samlservice.impl.SamlServiceImpl.verifySignature(SamlServiceImpl.java:146) ~[websso-7.0.0.jar:?] 

8.12.2

During the Configuration of Authenticator Provider vcenter is unable to validate certificate and credentials sent from Orchestrator

1. Open vcenter and orchestrator certificate from a browser and check 'Certification Path'
2. Press 'View certificate' on Root and intermediate CA (one at a time)
3. Go to 'Details'
4. Take note of 'thumbprint' and match it between vcenter and Orchestrator
5. Go to Orchestrator's 'control center'
6. Confirm that the certificates are listed under 'Trusted SSL certificates'
7. If necessary import the missing certificates
8. Go to 'Authentication Provider' from the Control center landing page
9. Press 'Unregister' (make sure not to use password autocomplete for both username and password)
10. Configure again the vsphere Authentication Provider (make sure not to use password autocomplete for both username and password)
11. Test the UI

It was noted that some browser plugins that are used to store and autocomplete passwords do not correctly send the credentials during this configuration