Cloud Builder 4.2 does strict hostname check
search cancel

Cloud Builder 4.2 does strict hostname check

book

Article ID: 337597

calendar_today

Updated On:

Products

VMware VMware Telco Cloud Automation

Issue/Introduction

Symptoms:
Site deployment via TCA fails during the step of creating local ESXi user account with error message stating “A problem has occurred on the server. Please retry or contact the service provider and provide the reference token”.
In the Cloud Builder logs, the following error message will be logged: 
Failed to connect to https://abc.xyz.com:443/sdk

com.vmware.vim.vmomi.client.exception.SslException: javax.net.ssl.SSLPeerUnverifiedException:
Certificate for <abc.xyz.com> doesn't match any of the subject alternative names: [localhost.localdomain]
...
... 
Caused by: javax.net.ssl.SSLPeerUnverifiedException: Certificate for <abc.xyz.com> doesn't match any of the subject alternative names: [localhost.localdomain]


Environment

VMware Telco Cloud Automation 1.x

Cause

This can occur if the certificate presented by the ESXi host does not match its hostname. This would happen if a self-signed certificate is generated before setting the hostname.

Resolution

  1. If Cloud Builder is already deployed, delete the VM from ESXi
  2. Login to each ESX host in the site and run ensure the hostname is set properly
  3. Run the following command to regenerate self-signed certificate for every host host:
  1. Check if the service account created by cloud builder exists on every ESXi host used during provisioning of the respective domain or site. If the account exists, delete it from the ESXi host.
  1. Check all ESXi hosts included when provisioning. The service account will begin with "svc-vcf"
  2. You can check this by logging into the ESXi web client and going to Manage > Security & Users > Users > in the list of Users identify the one that starts with svc-vcf-<esxi name>.
 
  1. Resync the site 


Powered by Wolken Software