Highlighted
New Member.
2595 views

ZMD.CertificatesDoNotMatch

We had a pretty major issue in our VMWare environment this past thursday (possibly due to the solar flares 😉 ) and what I'm starting to see now is that I'm having some issues getting new machines to register. All the servers in the environment went inactive and part of the fix to get them all up required us to delete the NICs from vSphere and re-create them. I have confirmed DNS connectivity between all servers in the Zone and from several workstations. Our environment consists of two primaries, an external sybase and one reporting server. I usually use the agent from the first primary to do all of my installations, however, this agent no longer works. It installs, but every machine that comes up with it lists the Management Zone, Server DNS and Server Address all as unavailable. Upon trying the agent off the second primary, I got a machine to register to it properly, but now I see the following in the ZCC:

Message ID: ZMD.CertificatesDoNotMatch
The certificate presented by the server does not match the known certificate for host xxx.xxx.xxx.xxx.

I'm seeing this message with the IP addresses of both primary servers. Is this an issue with the cert that's in the agents, or an issue with the certs being presented by the servers and what do I have to do to remedy the situation. I have no issues browsing to the ZCC on either server and so far none of the machines that are already in the zone are displaying any issues. Any help would be greatly appreciated.
Labels (2)
0 Likes
5 Replies
Highlighted
Absent Member.
Absent Member.

Re: ZMD.CertificatesDoNotMatch

force10,

Not sure if this is completely the same problem, but try take a look at this old thread:
http://forums.novell.com/novell/novell-product-discussion-forums/zenworks/configuration-management/zcm-10/zcm10-agent-deployment/333477-certificate-presented-server-does-not-match-k.html

-- Niels I have always liked... Cowabunga! If you find this post helpful, please show your appreciation by clicking on the star below. A member must be logged in before s/he can assign reputation points.
0 Likes
Highlighted
New Member.

Re: ZMD.CertificatesDoNotMatch

Thanks. Not sure how I missed that thread, but I did. I'll build a new installation package on the one with the problem and see if that fixes it.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: ZMD.CertificatesDoNotMatch

force10,

Hope it helps you.

-- Niels I have always liked... Cowabunga! If you find this post helpful, please show your appreciation by clicking on the star below. A member must be logged in before s/he can assign reputation points.
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: ZMD.CertificatesDoNotMatch

The 1st Step would be to check your server certs.
Make sure the Cert Subject has the correct Fully Qualified DNS name of
the server and that subject is resolvable via reverse lookup.

On 3/14/2012 8:06 AM, force10 wrote:
>
> Thanks. Not sure how I missed that thread, but I did. I'll build a new
> installation package on the one with the problem and see if that fixes
> it.
>
>



--
Craig Wilson - MCNE, MCSE, CCNA
Novell Knowledge Partner

Novell does not officially monitor these forums.

Suggestions/Opinions/Statements made by me are solely my own.
These thoughts may not be shared by either Novell or any rational human.
--
Please give a hearty thumbs up to any post you find helpful!
To find articles by Craig Wilson simply follow the link: Craig Wilson's Tips!
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: ZMD.CertificatesDoNotMatch

Yep, a good place to start.

craig_wilson;2182101 wrote:
The 1st Step would be to check your server certs.
Make sure the Cert Subject has the correct Fully Qualified DNS name of
the server and that subject is resolvable via reverse lookup.

On 3/14/2012 8:06 AM, force10 wrote:
>
> Thanks. Not sure how I missed that thread, but I did. I'll build a new
> installation package on the one with the problem and see if that fixes
> it.
>
>



--
Craig Wilson - MCNE, MCSE, CCNA
Novell Knowledge Partner

Novell does not officially monitor these forums.

Suggestions/Opinions/Statements made by me are solely my own.
These thoughts may not be shared by either Novell or any rational human.

-- Niels I have always liked... Cowabunga! If you find this post helpful, please show your appreciation by clicking on the star below. A member must be logged in before s/he can assign reputation points.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.