REST Endpoint not reachable via load balancer: Host does not match SNI


Article ID: 269204


Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

The customer was able to run multiple REST endpoints behind a load balancer without a problem.

For example, in an architecture with a load balancer in front of 4 REST processes:

However, after an upgrade of the Automation Engine to version 21.0.7, the REST API calls that go through the load balancer run into an error, leaving this kind of message in the REST process log file:

Jetty: handleException /ae/api/v1/ping org.eclipse.jetty.http.BadMessageException: 400: Host does not match SNI



Environment

Automation Release: 21.0.7

Cause

In version 21.0.7 a new security check was introduced on the REST endpoint: the SNI host check.

If the sender of a REST API call is not present in the certificate that secures the communication, the call will be rejected.

Resolution

Add the DNS name of the load balancers, together with their IP addresses, to the SAN list of the JCP TLS certificates.
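A pre-flight check for the resolution above, as an added example (not Broadcom's or Jetty's code): it parses a SAN line in the format printed by `openssl x509 -noout -ext subjectAltName` and reports which names or addresses used to reach the REST endpoint are not covered. The host names, addresses, port and the simplified wildcard rule (left-most label only) are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: SAN line as printed by `openssl x509 -noout -ext subjectAltName`
SAN_LINE = "DNS:jcp1.example.internal, DNS:*.rest.example.internal, IP Address:10.0.0.11"

def parse_san(line):
    """Split an openssl-style SAN line into (dns_names, ip_addresses)."""
    dns, ips = [], []
    for entry in line.split(","):
        kind, _, value = entry.strip().partition(":")
        if kind == "DNS":
            dns.append(value.lower())
        elif kind == "IP Address":
            ips.append(ipaddress.ip_address(value))
    return dns, ips

def strip_port(host):
    """Return the host part of a Host header value (drops :port and IPv6 brackets)."""
    host = host.strip()
    if host.startswith("["):
        return host[1:host.index("]")]
    if host.count(":") == 1:
        return host.rsplit(":", 1)[0]
    return host

def covered(host, dns, ips):
    """True if host (DNS name or IP literal) matches one of the SAN entries."""
    name = strip_port(host).lower().rstrip(".")
    try:
        return ipaddress.ip_address(name) in ips
    except ValueError:
        pass  # not an IP literal, compare against the DNS entries
    for pattern in dns:
        if pattern == name:
            return True
        # Assumption: a wildcard covers exactly one left-most label
        if pattern.startswith("*.") and name.partition(".")[2] == pattern[2:]:
            return True
    return False

def missing_from_san(hosts, san_line):
    """Return the hosts that no SAN entry covers, in input order."""
    dns, ips = parse_san(san_line)
    return [h for h in hosts if not covered(h, dns, ips)]

if __name__ == "__main__":
    # Constructed: names and addresses clients use to reach the REST endpoint
    clients_use = ["ae-lb.example.internal:8088", "10.0.0.11",
                   "node1.rest.example.internal", "10.0.0.50:8088"]
    for h in missing_from_san(clients_use, SAN_LINE):
        print("not in SAN list:", h)
```

Every entry the script reports needs to be added to the SAN list before the certificate is rolled out to the JCPs.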
