SRM - Server certificate assertion not verified and thumbprint not matched

Article ID: 312754


Products

VMware Live Recovery VMware vSphere ESXi

Issue/Introduction

Symptoms:

1. Unable to reconfigure SRM after upgrade 

ERROR
Failed to retrieve pairs from extension server at https://srm.vmware.local:443/drserver/vcdr/vmomi/sdk.
Failed to connect to Site Recovery Manager Server at https://srm.vmware.local:443/drserver/vcdr/vmomi/sdk. 
Reason: com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate assertion not verified and thumbprint not matched 
Failed to connect to Site Recovery Manager Server at https://srm.vmware.local:443/drserver/vcdr/vmomi/sdk. 
Reason: com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate assertion not verified and thumbprint not matched
Operation ID: e53a538a-bf3a-4612-b5fe-771aa92dc629


Environment

VMware vSphere Replication 8.x

Cause


1. The SRM or VR certificate is assigned to an IP address or short name instead of the FQDN.

2. DNS is not configured, or is incorrectly configured, for the vCenter, SRM and VR appliances.

This can also happen when the OVF is deployed without changing the hostname to match the correct DNS record name.

Resolution


The steps below apply to both SRM and vSphere Replication.

1. Ensure forward and reverse lookup records are created in DNS for the appliance. Verify them by running the nslookup command against both the IP address and the FQDN, then confirm that the appliance hostname is set to the FQDN:

root@srm [ ~ ]# hostname
srm

root@srm [ ~ ]# netmgr hostname --set --name srm.vmware.local 
root@srm [ ~ ]# netmgr hostname --get
Hostname: srm.vmware.local

See: Photon Network Manager Commands to update Hostname/IP Address/DNS in SRM & vSphere replication (92586)

2. Change the SRM appliance certificate from the VAMI so that it reflects the FQDN.

3. Reconfigure SRM & reconnect site pair 

NOTE: We always recommend using a DNS server. In the absence of a DNS server, assign the appliance certificate to the IP address and register the appliance using the IP address.
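
The checks behind the steps above can be scripted as a pre-check before reconfiguring. This is an added example, not part of the original article or a VMware tool: the function names are hypothetical, the sample values in comments are constructed, and it assumes getent and openssl are available on the machine where it runs.

```shell
#!/bin/sh
# Added example: pre-checks before reconfiguring SRM / vSphere Replication.

# Return 0 if $1 is fully qualified (contains a dot and is not an IPv4 address).
is_fqdn() {
    case "$1" in
        *[!0-9.]*.*|*.*[!0-9.]*) return 0 ;;
        *) return 1 ;;
    esac
}

# Return 0 if $1 is an exact DNS or IP entry in the SAN line $2,
# e.g. "DNS:srm.vmware.local, IP Address:192.168.1.10" (constructed sample).
# Case-insensitive; wildcard entries are not expanded.
name_in_san() {
    want=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    printf '%s\n' "$2" | tr ',' '\n' | tr 'A-Z' 'a-z' |
        sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' |
        grep -qxF -e "dns:$want" -e "ip address:$want"
}

# Forward lookup of $1, then reverse lookup of the result; prints the PTR name.
reverse_of() {
    ip=$(getent hosts "$1" | awk '{print $1; exit}')
    [ -n "$ip" ] && getent hosts "$ip" | awk '{print $2; exit}'
}

# Print the subjectAltName line of the certificate served at $1:${2:-443}.
fetch_san() {
    openssl s_client -connect "$1:${2:-443}" -servername "$1" </dev/null 2>/dev/null |
        openssl x509 -noout -text 2>/dev/null |
        grep -A1 'Subject Alternative Name' | tail -n 1
}

# Run all checks for one appliance; stops at the first mismatch.
check_appliance() {
    fqdn=$1
    is_fqdn "$fqdn" || { echo "FAIL: '$fqdn' is not an FQDN"; return 1; }
    ptr=$(reverse_of "$fqdn") || { echo "FAIL: no forward DNS record for $fqdn"; return 1; }
    [ "${ptr%.}" = "$fqdn" ] || { echo "FAIL: reverse lookup returns '$ptr'"; return 1; }
    san=$(fetch_san "$fqdn")
    name_in_san "$fqdn" "$san" || { echo "FAIL: certificate SAN is '$san'"; return 1; }
    echo "OK: DNS and certificate both match $fqdn"
}

# Runs only when a name is given, e.g.: sh precheck.sh srm.vmware.local
if [ $# -gt 0 ]; then check_appliance "$1"; fi
```

Run it once per appliance (SRM and vSphere Replication) with the FQDN used for registration; a FAIL line points to the DNS record or the certificate that still needs correcting.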
