After upgrading NetOps console from ver. 22.2.5 to 22.2.7, we are unable to connect; getting the following error

org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI
	at org.eclipse.jetty.server.SecureRequestCustomizer.customize(SecureRequestCustomizer.java:266)
	at org.eclipse.jetty.server.SecureRequestCustomizer.customize(SecureRequestCustomizer.java:207)
	at org.eclipse.jetty.server.HttpChannel.lambda$handle$0(HttpChannel.java:501)

Dx NetOps Performance Management 22.2.7+

SNI check fails due the fact that the SSL cert doesn't have a SubjectAlternateName that matched Web Site Host or Web Service Host; in SsoConfig

Launch SsoConfig

a. Open a terminal session on the NetOps Portal host (as root or with the sudo command).
b. Launch SsoConfig by running the ./SsoConfig command in the <installation_directory> directory

- installation_directory
The default installation directory for NetOps Portal.  Default: /opt/CA/PerformanceCenter

c. Choose 1. DX NetOps > 3. Performance Center > 1. Remote Value

 .... and update Web Site Host and Web Service Host to a name that is listed in the SSL cert, under "SubjectAlternateName"

To check the SubjectAlternativeName you could run: /opt/CA/jre/bin/keytool -printcertreq -file <filename>.csr

Or

Create a new keystore and new self signed cert to match what is set in SsoConfig for Web Site Host and Web Service Host

]

1) The san should contain the system hostname, as well as anyway the system will be accessed (shortname, fqdn, in your case, external name, IP)

2) The SSO Web Service Host SHOULD be the internal Portal machine always.

3) The SSO Web Site Host SHOULD be the external Portal machine name, that you want in URLs like email reports/notifications/etc.