• 90 days after Single Sign-on is enabled for Cloud Consumption Interface service, in the namespace detail page under Service Broker -> Consume all resource tiles fail with error "401 UNAUTHORIZED "Unauthorized" 

• When using CCI CLI, it also prints out 401 error.
• In CCI service pod's logs, logs similar to below are observed:
  
  

2024/07/05 17:59:02 http: TLS handshake error from 192.168.128.2:46194: remote error: tls: bad certificate
2024/07/05 17:59:02 http: TLS handshake error from 192.168.128.2:46196: remote error: tls: bad certificate
2024/07/05 17:59:02 http: TLS handshake error from 192.168.128.2:46208: remote error: tls: bad certificate

Reconfigure the Single Sign-On setup for CCI.

1. Uninstall and unregister the CCI service in vCenter
   • Log in to the vCenter.
   • Under Workload Management, select the Services tab.
   • For the vCenter, select the vCenter that is managing the Supervisor Cluster where the CCI single sign-on service is installed
   • Find the CCI service tile, and Click on ACTIONS dropdown, click Delete
     
     
     
     
     
   • In the popup window, click CONFIRM button in step 1, then click on CONFIRM button in Step 2, then it will start removing the versions from supervisors
     
     
     
     
   • Then in Step 3, click CONFIRM button to delete the service
   • Then the bottom right corner, click DELETE button to finish deletion
     
2. Follow the steps in Setting Up Single Sign-On for CCI  to setup Single Sign-On again for CCI.