Error "The target principal name is incorrect." during ENC certificate validation

book

Article ID: 106077

calendar_today

Updated On:

Products

CA Client Automation - IT Client Manager CA Client Automation

Issue/Introduction

ENC Clients belonging to a known working ENC Server can sometimes fail if not configured with the exact FQDN of the ENC Server used in the ENC Server's Client Certificate

Cause

Reviewing ENC Client log, the following error can be seen:

|ERROR  | EncInitializeSecurityContext: The target principal name is incorrect.

Environment

any supported ENC environment

Resolution

ENC Client is likely pointing to an incorrect or invalid FQDN that does not match the FQDN specified in the Alternate Subject Name portion of the client certificate on the ENC Server.

Run a command like the following to correct the issue:

encutilcmd client -state enabled -server <proper ENC Server FQDN>

If the command runs successfully you will see the following after hitting enter:

INFO: Command completed successfully

Now recycle ENC Client (CAF STOP ENC CLIENT / CAF START ENCCLIENT) and test.