Cisco Hyperflex SSL certificate used in Aria Operations 8.12 and later does not allow connection to go be established with a Cisco Hyperflex node.
Data collection from Cisco Hyperflex is impacted.
When running the following openssl command to verify connection to the Hyperflex node, the connection is not established and a connection error is returned.
openssl s_client -connect <hyperflex IP/FQDN>:443
The Issue occurs in Aria Operations 8.12 and later due to changes implemented in certificate management.
The root cause of the problem is with the SSL certificate used in Aria Operations to establish the connection with Cisco Hyperflex. Aria Operations does not trust the certificate.
The following error is displayed in the Hyperflex adapter logs:
FATAL cisco.hyperflex.datacollector.fatal - encountered a fatal error while collecting: failed to create SSL connection check that a certificate
com.bluemodora.exuno.commo.FatalException: Failed to create SSL connection check that a certificate that validates the hosts's cerfiticate is present in the truststore.
Caused by: java.security.cert.CertificateException: No subject alternative name found matching IP address xxx.xxx.xxxx
To resolve the issue, Customer needs to work with their CA, and hyperflex to generate a CA certificate Aria Operations can use to access the Hyperflex node.