Login to vRSLCM using domain account fails with "HTTP ERROR 401"
search cancel

Login to vRSLCM using domain account fails with "HTTP ERROR 401"

book

Article ID: 322701

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

  • After entering your domain credentials in the Aria Suite Lifecycle login page, you are redirected to a browser error page displaying "HTTP ERROR 401".

  • Alternatively, you may receive the following JSON error output: {"code":401,"description":"Full authentication is required to access this resource"}

  • The VMware Identity Manager (vIDM) certificate was replaced recently.

  • In the /var/log/vrlcm/vmware_vrlcm.log file, you see errors similar to the following:

    INFO [http-nio-8080-exec-6] o.a.h.i.e.RetryExec - -- I/O exception (org.bouncycastle.tls.TlsFatalAlert) caught when processing request to {s}->https://<VIDMFQDN.DOMAIN>:443: certificate_unknown(46)
    INFO [http-nio-8080-exec-6] o.a.h.i.e.RetryExec - -- Retrying request to {s}->https://<VIDMFQDN.DOMAIN>:443

     

Environment

  • VMware Aria Suite Lifecycle 8.18.x
  • VMware Identity Manager (vIDM) 3.3.x

Cause

This issue occurs when an updated VMware Identity Manager (vIDM) certificate is not accepted or synced properly within Aria Suite Lifecycle, causing the domain authentication trust to fail.

Resolution

To resolve the issue, re-register the Aria Suite Lifecycle authentication provider to accept the new certificate:

  1. Login to Aria Suite Lifecycle using a local account (e.g., admin@local).

  2. Navigate to Lifecycle Operations > Settings > Authentication Provider.

  3. Click Re-Register.

  4. Log out of the local account and retry your login using your vIDM domain credentials.