Error: The DNS in VC certificate is not same with input address
search cancel

Error: The DNS in VC certificate is not same with input address

book

Article ID: 379470

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

After successfully deploying Snapshot Service Appliance, VMware vSAN Snapshot manager UI Plugin is not registered in vCenter

In Snapshot Service Appliance log file /var/log/firstboot, you can see lines similar to :

The DNS in VC certificate is: VCSA_FQDN, DNS
The DNS in VC certificate is not same with VC input address, maybe the VC input address is IP address
VC input address is invalid IPv4/v6 address or not the same with the DNS in VC certificate

Inspecting vCenter MACHINE_SSL certificate "Subject Alternative Name" property, you can see 

/usr/lib/vmware-vmafd/bin/vecs-cli entry list --store MACHINE_SSL_CERT --text | grep -A1 Alternative
X509v3 Subject Alternative Name: 
DNS:VCSA_FQDN, DNS:VCSA_HOSTNAME, DNS:OTHER_FQDN

VMware vSAN Snapshot Manager UI Plugin not registered in vCenter

Environment

8.0

Cause

This issue occurs due to the presence of multiple DNS names in the vCenter certificate.

Resolution

This is resolved in vSAN Snapshot management appliance version 8.0.3.U3a

 

Workaround :

  1. Navigate to the directory:
    cd /etc/vmware/cap
  2. Replace the existing cap-firstboot.sh file with the provided one.

Additional Information

 

 

 

Attachments

cap-firstboot.sh get_app
Powered by Wolken Software