• The system startup script /opt/scripts/deploy.sh fails at the step for the identity-service which interacts with vIDM for authentication.
• This shows a 500 error trying to download identity data from vIDM (Identity Manager)
• Checking the identity service logs at /services-logs/prelude/identity-service-app/file-logs/identity-service-app.log, the corresponding error is:
  
  • No subject alternative DNS name matching <Tenant_FQDN> found.

• VMware Aria Automation 8.x
• VMware Identity Manager 3.3.7

The vIDM TLS certificate does not include additional tenant FQDNs in Subject Alternative Names.

Aria Automation attempts to login to each tenant as part of its startup procedure, so the vIDM certificate must also cover each tenant FQDN.

Recreate the vIDM certificate with all active tenant FQDNs included in the Subject Alternative Names field.

In Aria Suite Lifecycle, this field is known as Server Domain/ Hostname.

Once this certificate is created, apply it to the vIDM environment and request that Aria Automation retrusts the new certificate.