SSL Certificate CommonName(xxx.xxx.xxx.xxx) Doesn't Match Peer
search cancel

SSL Certificate CommonName(xxx.xxx.xxx.xxx) Doesn't Match Peer

book

Article ID: 35399

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

The tunnel server hub does not appear in the list of hubs in the hub GUI in Infrastructure Manager (IM), and the following messages are observed in the hub log file:

SSL Certificate CommonName(xxx.xxx.xxx.xxx) Doesn't Match Peer

Error - "SSL certificate commonName( ##.##.#.#) doesn't match peer ( ##.##.#.#/<server_name>)"

Environment

UIM 20.x

Note: the error is dependent on the hub version and can therefore appear in virtually any version of Unified Infrastructure Management.

Cause

This issue occurs because the IP address specified as the server common name during creation of the tunnel certificate does not match the client's IP address.  

Resolution

To correct this a new certificate must be generated and pushed to the tunnel client as follows:

  1. Create a new certificate and specify the client's correct IP address as the common name.  The exact procedure for creating a certificate can be found in the hub probe documentation in the section titled "Setting up a Tunnel".
  2. Copy the new certificate to the tunnel client.  This process is also outlined in the "Setting up a Tunnel" section.
  3. Restart both the server and client hubs.

Additional Information


How to create Tunnels between two hubs and Verify the communication using Queues
https://knowledge.broadcom.com/external/article?articleId=12105


hub (broadcom.com)

Powered by Wolken Software