Error "The requested resource was not found on this server" when trying to login to a tenant portal using SAML in VMware Cloud Director
Article ID: 423228
Updated On:
Products
VMware Cloud Director
Issue/Introduction
- F5 load balancer is configured for VCD(VMware Cloud Director) and Azure is configured as the SAML provider for tenants. When trying to login to the VCD tenant portal using SAML an error "The requested resource was not found on this server" is observed.
- In logs of F5 load balancer, you see error similar to:
/Common/vCD_SAML:Common:04315875:/Common/vCD_SAML_act_saml_auth_12_ag: TMM returned error for crypto operation 'Signature element of SAML response is invalid' - Tenant portal is accessible using the system admin account.
- Tenant portal is accessible using a different SAML domain and the issue is isolated to a specific SAML domain.
- Using KB VCD HAR file collection get the request ID.
- Checking the
/opt/vmware/vcloud-director/logs/vcloud-container-debug.logon all cells, the request ID was not found.
Environment
VMware Cloud Director 10.6.x
Cause
The problem stems from a failed SSL handshake between the Load Balancer and the external identity provider due to a thumbprint mismatch, which places the issue outside the scope of VCD.
Resolution
Involve the load balancer and the external identity provider to troubleshoot the issue further.
Feedback
Yes
No
Powered by
