Cannot open ADFS login page while testing connection or trying to log in with an error "err_connection_reset"

Issue:

When trying to connect to the fresh installation of ADFS from the CPM, you may receive an error message "err_connection_reset".

When this issue occurs, no error or warning message appear in the CPM log files.

Description:

This issue may happen because of several reasons:

IIS on the the machine where ADFS is running is not configured to allow connections via HTTPS on 443 port.
IIS is not running.
One of the firewalls/security groups between CPM and ADFS is blocking 443 port.

Resolution:

Check if IIS allows HTTPS traffic:

Open 'Server Manager' on the machine where ADFS hosted.
Select 'Tools'>'Internet Information Services (IIS) Manager'.
In the opened window, select your server then go to 'Sites'>'Default Web Site' and click 'Bindings'.
Verify if HTTPS binding is configured. If it is, please check if SSL certificate assigned to this binding and click OK. If it's not, click 'Add...'
In the 'Add Site Binding' window, select 'HTTPS' type and assign SSL certificate and click 'OK' and 'Close'.
Check connection from the CPM.

Check if IIS is installed on the machine where ADFS is hosted or if it's stopped.
Check your firewalls/security groups if they allow connection over port 443.

Related Articles
How to Integrate CPM with ADFS to allow Idp logins from windows AD users
Background: This How-To guide will outline how to configure CPM and a windows ADFS server to allow IdP logins. Before you get started you will need to check the prerequisites. This is very important. If they are not met or the Domain and any of the ...
Failed to open IdP login page or to test connection with the errors: "HTTP Error 503. The service is unavailable." or "404 - File or directory not found."
Issue: When trying to connect to IdP from CPM, you may receive errors: "HTTP Error 503. The service is unavailable." or "404 - File or directory not found." There are no errors in the AD FS event log or OKTA System logs, as well as CPM logs. ...
Login to the CPM using an IDP may fail with the "Invalid issuer" error message
If you're using an IDP, login to the CPM may fail with the following error message: login failed. reason: Invalid issuer in the Assertion/Response (invalid_response): It also may be found in the cpm_server.log: ERROR: ...
AD FS may produce “An error occurred” page when logging in or performing Test Connection
Problem: AD FS may produce “An error occurred” page when logging in or performing Test Connection Symptom: you may find an error like this in the Windows Event Logs for AD FS on the AD FS server: Microsoft.IdentityServer.Web.InvalidScopeException: ...
Failed to login to AD FS with the error: "The status code of the Response was not Success, was Requester -> urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy (invalid_response)"
Issue: When trying to login to AD FS from CPM, you may receive an error: "The status code of the Response was not Success, was Requester -> urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy (invalid_response)" The same error can be found in the ...

Cannot open ADFS login page while testing connection or trying to log in with an error err_connection_reset

Cannot open ADFS login page while testing connection or trying to log in with an error "err_connection_reset"

Related Articles

How to Integrate CPM with ADFS to allow Idp logins from windows AD users

Failed to open IdP login page or to test connection with the errors: "HTTP Error 503. The service is unavailable." or "404 - File or directory not found."

Login to the CPM using an IDP may fail with the "Invalid issuer" error message

AD FS may produce “An error occurred” page when logging in or performing Test Connection

Failed to login to AD FS with the error: "The status code of the Response was not Success, was Requester -> urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy (invalid_response)"