The tunnel server hub does not appear in the list of hubs in the hub GUI in Infrastructure Manager (IM), and the following messages are observed in the hub log file:
<Please see attached file for image>
Error - "SSL certificate commonName(10.11.12.13) doesn't match peer (10.155.0.3/FC-SERVER3)"
These symptoms apply to all hub versions of 5.60 and above.
Note: the error is dependent on the hub version and can therefore appear in virtually any version of Unified Infrastructure Management.
This issue occurs because the IP address specified as the server common name during creation of the tunnel certificate does not match the client's IP address. As is the case with the IP 10.11.12.13 in the image above.
To correct this a new certificate must be generated and pushed to the tunnel client as follows:
1. Create a new certificate and specify the client's correct IP address as the common name. The exact procedure for creating a certificate can be found in the hub probe documentation in the section titled "Setting up a Tunnel".
2. Copy the new certificate to the tunnel client. This process is also outlined in the "Setting up a Tunnel" section.
3. Restart both the server and client hubs.
Release: CNMSPP99000-7.6-Unified Infrastructure Mgmt-Server Pack-- On Prem