The error "[500] An error occurred while fetching identity providers" appears while login to vCenter Server UI.
search cancel

The error "[500] An error occurred while fetching identity providers" appears while login to vCenter Server UI.

book

Article ID: 322178

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Symptoms

 Log in to the vCenter Server UI fails with the following error: "[500] An error occurred while fetching identity providers. Try again. If problem persists, contact your administrator."

In environments using Enhanced Linked Mode (ELM), this error may impact all linked vCenter nodes.

The following entries appear in /var/log/vmware/vsphere_ui/logs/vsphere_client_virgo.log[ERROR] http-nio-5090-exec-4 com.vmware.vsphere.client.security.oauth2.LoginRequestHandler An error occurred while fetching providers com.vmware.vapi.std.errors.Unauthenticated

Environment

VMware vCenter Server 8.x
VMware vCenter Server 7.x

Enhanced Linked Mode (ELM)

Cause

Expiration of the Security Token Service (STS) signing certificate, Machine_SSL certificate, or Solution User certificates. In ELM environments, expiration on one node can disrupt the identity provider service across the entire SSO domain.

Resolution

  1. Verify certificate expiration status by running the following command on the vCenter Server Appliance: for i in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list); do echo STORE $i; /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $i --text | egrep "Alias|Not After"; done
  2. If certificates are expired, use the vCert utility to reset and replace the STS and Solution User certificates.
  3. In Enhanced Linked Mode (ELM), perform the certificate replacement on the impacted node(s).
  4. Restart all services on all vCenter nodes in the ELM environment to ensure the new certificates are recognized: service-control --stop --all && service-control --start --all
  5. If you need to direct a customer specifically to a support phone number, see Contact Support. Scroll to the bottom of the page and click on your respective region.

Additional Information