I have installed OMi 10.11 for Windows which stands behind a loadbalancer.
Access to the OMi is via https port 443.
Certificates are generated by OMi.
When accessing the OMi GUI via IE I have installed the certificate and then exported it.
The certificate has then been imported to another application from a 3rd. part (AppLink Clip) with keytool.
When this applicatioon tries to get access to the OMi, I get the following error message:
Connection to HP BSM OMi FAILED: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching project-prod.company.no found. Reconnection Attempt in 30 Seconds.
The DNS name is seen in the certificate, but still not able to connect to OMi via WEB Rest services.
When I connect directly to one of the OMi GWs its working fine.
The certificate has three entries for DNS:
#4: ObjectId: 220.127.116.11 Criticality=false
DNSName: project-prod.company.no -->This is the VIP on the LB
In the test environment it's working fine. but not in prod.
I also have a question about how OMi generate the info in the certrificates for DNS, will it just add the DNS for GWs and the VIP adress for the user access (and not VIP adress for data access) as seen in the Platform Administration > Host Configuration ?
In regards this, what I understand is that the GW server has the load balancer certificates but could you confirm that on the Load balancer the certificates of the GW are preset as well as the load balancer certificates themselves?
Also on the Administration Guide > Additional Configuration > High Availability > Load Balancing for the Gateway Server, could you confirm that you have follow the step 5 “Configure the load balancer for data collector access”?