diff --git a/assets/js/pages/Login/Login.test.jsx b/assets/js/pages/Login/Login.test.jsx
index e542ee2836..e9dde84030 100644
--- a/assets/js/pages/Login/Login.test.jsx
+++ b/assets/js/pages/Login/Login.test.jsx
@@ -206,5 +206,26 @@ describe('Login component', () => {
       });
       expect(loginButton).toBeVisible();
     });
+
+    it('should display an error message is the SSO url is empty', async () => {
+      jest.spyOn(authConfig, 'isSingleSignOnEnabled').mockReturnValue(true);
+      jest.spyOn(authConfig, 'getSingleSignOnLoginUrl').mockReturnValue('');
+
+      const [StatefulLogin] = withState(<Login />, {
+        user: {
+          loggedIn: false,
+          authInProgress: false,
+        },
+      });
+
+      renderWithRouter(StatefulLogin);
+
+      await waitFor(() =>
+        screen.getByText(
+          `An error occurred while trying to access the Single Sign-On IDP host.`,
+          { exact: false }
+        )
+      );
+    });
   });
 });
diff --git a/assets/js/pages/Login/LoginSSO.jsx b/assets/js/pages/Login/LoginSSO.jsx
index e8676f0dda..206d38b318 100644
--- a/assets/js/pages/Login/LoginSSO.jsx
+++ b/assets/js/pages/Login/LoginSSO.jsx
@@ -3,6 +3,15 @@ import React from 'react';
 import Button from '@common/Button';
 
 export default function LoginSSO({ singleSignOnUrl, error }) {
+  if (!singleSignOnUrl) {
+    return (
+      <span className="block text-sm font-medium">
+        An error occurred while trying to access the Single Sign-On IDP host.
+        Should the error persist, contact the administrator.
+      </span>
+    );
+  }
+
   return (
     <>
       {error && (
diff --git a/assets/js/pages/SSOCallback/SSOCallback.test.jsx b/assets/js/pages/SSOCallback/SSOCallback.test.jsx
index 59a891b1d7..7b82299f10 100644
--- a/assets/js/pages/SSOCallback/SSOCallback.test.jsx
+++ b/assets/js/pages/SSOCallback/SSOCallback.test.jsx
@@ -4,6 +4,7 @@ import 'intersection-observer';
 import '@testing-library/jest-dom';
 import userEvent from '@testing-library/user-event';
 import { withState, renderWithRouterMatch } from '@lib/test-utils';
+import * as authConfig from '@lib/auth/config';
 import SSOCallback from './SSOCallback';
 
 describe('SSOCallback component', () => {
@@ -50,6 +51,10 @@ describe('SSOCallback component', () => {
   it('should display an error message if authentication fails', async () => {
     const user = userEvent.setup();
 
+    jest
+      .spyOn(authConfig, 'getSingleSignOnLoginUrl')
+      .mockReturnValue('http://idp-url');
+
     const [StatefulOidCallback] = withState(<SSOCallback />, {
       user: {
         authError: true,
diff --git a/config/runtime.exs b/config/runtime.exs
index 4550dad135..570417c471 100644
--- a/config/runtime.exs
+++ b/config/runtime.exs
@@ -185,6 +185,8 @@ if config_env() in [:prod, :demo] do
     )
   end
 
+  config :assent, http_adapter: {Assent.HTTPAdapter.Httpc, [ssl: [cacerts: cacerts]]}
+
   config :trento, :oidc,
     enabled: enable_oidc,
     callback_url:
diff --git a/lib/trento_web/controllers/page_controller.ex b/lib/trento_web/controllers/page_controller.ex
index 270fb870b8..0be7cd5225 100644
--- a/lib/trento_web/controllers/page_controller.ex
+++ b/lib/trento_web/controllers/page_controller.ex
@@ -1,6 +1,8 @@
 defmodule TrentoWeb.PageController do
   use TrentoWeb, :controller
 
+  require Logger
+
   def index(conn, _params) do
     check_service_base_url = Application.fetch_env!(:trento, :checks_service)[:base_url]
     charts_enabled = Application.fetch_env!(:trento, Trento.Charts)[:enabled]
@@ -57,15 +59,19 @@ defmodule TrentoWeb.PageController do
   defp sso_details_for_provider(conn, provider) do
     full_callback_url = Application.fetch_env!(:trento, provider)[:callback_url]
     enrollment_provider = "#{provider}_local"
+    enrollment_url = ~p"/api/session/#{enrollment_provider}/callback"
 
     %URI{path: callback_url} =
       URI.parse(full_callback_url)
 
-    {:ok, login_url, _} =
-      PowAssent.Plug.authorize_url(conn, enrollment_provider, full_callback_url)
+    case PowAssent.Plug.authorize_url(conn, enrollment_provider, full_callback_url) do
+      {:ok, login_url, _} ->
+        {true, callback_url, login_url, enrollment_url}
 
-    enrollment_url = ~p"/api/session/#{enrollment_provider}/callback"
+      {:error, reason, _} ->
+        Logger.error("error getting SSO authorization url: #{inspect(reason)}")
 
-    {true, callback_url, login_url, enrollment_url}
+        {true, "", "", ""}
+    end
   end
 end
diff --git a/mix.exs b/mix.exs
index ed744cf570..1c4482d904 100644
--- a/mix.exs
+++ b/mix.exs
@@ -36,7 +36,7 @@ defmodule Trento.MixProject do
   def application do
     [
       mod: {Trento.Application, []},
-      extra_applications: [:logger, :runtime_tools]
+      extra_applications: [:logger, :runtime_tools, :inets]
     ]
   end