# general
Hola folks 👋 I am trying to resolve an annoying login issue we're having in Rancher (that we caused ourselves 🙈), hoping for some feedback. Way back when we first deployed our Rancher instance we (incorrectly) set the `hostname` value in Helm values to `servername.myorg.com` instead of for example `rancher.myorg.com`, we used the same when setting up the Azure AD app redirect URI `https://servername.myorg.com/verify-auth-azure`. Finally we created the appropriate DNS records:
```
dig rancher.myorg.com
CNAME rancher.myorg.com.   1h00m00s   "servername.myorg.com."
   A servername.myorg.com. 1h00m00s   1.1.1.1
```
This (ugly) setup worked with a minor login issue: if we tried to log in from rancher.myorg.com it would throw a `nonce` error and redirect back to servername.myorg.com; logging in from that page worked fine though (presumably because of the redirect URI). This issue is what I'm now trying to resolve. I hoped it would have been enough to update the `hostname` value to rancher.myorg.com, do a helm upgrade and then set the redirect URI to `https://rancher.myorg.com/verify-auth-azure` in the Azure app, however I am still getting the same error and Rancher still uses `servername.myorg.com` in the request to Azure AD:
```
The redirect URI 'https://servername.myorg.com/verify-auth-azure' specified in the request does not match the redirect URIs configured for the application
```
Any ideas on what to try next? Do I need to remove the Azure AD provider in Rancher and then re-enable it? Is there some setting I am missing? Thanks in advance 🙏