Enhanced Replication Mappings displays an "Error" status under the Connection screen. The errors display even though the intra-site and inter-site ports are confirmed open and VM replications show healthy with no RPO violations.
/opt/vmware/hms/logs/hms.log:
2024-07-18 11:50:36.213 ERROR com.vmware.hms.net.HbrAgentHealthMonitorService [hms-main-thread-17] (..hms.net.HbrAgentHealthMonitorService) [operationID=0711f41c-dc82-4280-8f1e-544a6cd6e2b2-HMS-193,sessionID=03A3A0C8, operationID=0711f41c-dc82-4280-8f1e-544a6cd6e2b2-HMS-193,sessionID=03A3A0C8] | Error occurred while executing ping test call for group 'PING-GID-1db34109-488d-4f4b-9924-35dab5bf6a89', broker 'Y.Y.Y.Y', broker port '32032' from host 'X.X.X.X'.
org.springframework.web.reactive.function.client.WebClientRequestException: No subject alternative names matching IP address X.X.X.X found; nested exception is javax.net.ssl.SSLHandshakeException: No subject alternative names matching IP address X.X.X.X found
at org.springframework.web.reactive.function.client.ExchangeFunctions$DefaultExchangeFunction.lambda$wrapException$9(ExchangeFunctions.java:141) ~[spring-webflux-5.3.36.jar:5.3.36]
Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException:
Error has been observed at the following site(s):
*__checkpoint ⇢ Request to GET https://X.X.X.X/hbragent/api/v1.0/appPing?broker_ip=Y.Y.Y.Y&broker_port=32032&group=PING-GID-1db34109-488d-4f4b-9924-35dab5bf6a89 [DefaultWebClient]
Original Stack Trace:
at org.springframework.web.reactive.function.client.ExchangeFunctions$DefaultExchangeFunction.lambda$wrapException$9(ExchangeFunctions.java:141) ~[spring-webflux-5.3.36.jar:5.3.36]
...
Suppressed: java.lang.Exception: #block terminated with an error
...
Caused by: javax.net.ssl.SSLHandshakeException: No subject alternative names matching IP address X.X.X.X found
vSphere Replication 9.0.1
Tests run from the Enhanced Replication Mappings page leverage an HBR REST endpoint that is called by IP address rather than by FQDN. This results in SSLHandshakeException errors because the subject alternative names field of the default ESXi certificate contains only FQDN entries.
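The following added example (not VMware code) reproduces the name check that fails in the log above: a TLS client compares an IP target only against iPAddress SAN entries, so a certificate that lists FQDNs alone cannot match. The certificate dictionaries use the layout of Python's ssl.SSLSocket.getpeercert(); the host name esx01.example.test, the address 192.0.2.10 and the function names are constructed for illustration.

```python
import ipaddress

def _dns_match(pattern, host):
    """Case-insensitive dNSName match; '*' is honoured only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Conservative: require at least two fixed labels after the wildcard.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def check_target(cert, target):
    """Return (ok, reason) for a client that connects to `target` and receives `cert`."""
    sans = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(target)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP target is compared only with iPAddress entries, never with dNSName ones.
        ip_sans = [ipaddress.ip_address(v.strip()) for k, v in sans if k == "IP Address"]
        if ip in ip_sans:
            return True, "matched iPAddress SAN"
        # Reason text mirrors the wording of the exception in the log excerpt.
        return False, "No subject alternative names matching IP address %s found" % target
    if any(_dns_match(v, target) for k, v in sans if k == "DNS"):
        return True, "matched dNSName SAN"
    return False, "no dNSName SAN matches %s" % target

# Constructed sample certificates (assumptions, not taken from a real host).
FQDN_ONLY_CERT = {"subjectAltName": (("DNS", "esx01.example.test"),)}
FQDN_AND_IP_CERT = {"subjectAltName": (("DNS", "esx01.example.test"),
                                       ("IP Address", "192.0.2.10"))}

if __name__ == "__main__":
    for name, cert in (("FQDN only", FQDN_ONLY_CERT), ("FQDN + IP", FQDN_AND_IP_CERT)):
        for target in ("esx01.example.test", "192.0.2.10"):
            print(name, target, check_target(cert, target))
```

With the FQDN-only certificate the same host passes when addressed by name and fails when addressed by IP, which is the behaviour behind the Test Connection error.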
Enhanced Mappings Test Connection errors in vSphere Replication 9.0.1 may be cosmetic and not a true indication of connectivity health between source and destination ESXi hosts. Health validation of VM replication should entail a review of VM replication status, RPO health, and test failovers if Site Recovery Manager is in use.
Engineering has identified the fix for this defect and will release the fix in a future vSphere Replication patch.