Registration of the vSphere Replication (VR) Appliance to vCenter Server fails during the ConfigureVrmsOp operation. The VAMI UI returns a configuration failure, and the drconfig.log displays the following errors indicating an SSL handshake rejection:

javax.net.ssl.SSLException: Certificate for <REDACTED_IPS> doesn't match common name of the certificate subject: <REDACTED_HOSTNAMES>

com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate assertion not verified and thumbprint not matched

vSphere Replication 9.0.2

The primary cause is that the vSphere Replication appliance registration was configured using an IP address for the vCenter Server Lookup Service target instead of the designated Fully Qualified Domain Name (FQDN) that strictly matches the vCenter Server Machine SSL certificate.

• Access the vSphere Replication Appliance Management Interface (VAMI) at https://<VR_Appliance_IP>:5480.

• Navigate to the Configuration menu to initiate a new vCenter Server registration.

• Modify the Lookup Service Address parameter to reflect the exact vCenter Server FQDN (<REDACTED_HOSTNAMES>).

• Proceed through the configuration wizard and explicitly accept the current vCenter Server Machine SSL certificate thumbprint when prompted.

• Save the configuration and allow the vSphere Replication management services to restart and successfully synchronize with vCenter Server.