Problem:
While in the vRealize Orchestrator Client you find that the Library/Configuration/SSL Trust Manager/”Import a certificate from URL” workflow returns an error reading “InternalError: handshake alert: unrecognized_name” when provided. The URL the resolves to the Load-Balancer VIP for the vCAC/vRA appliances.
Background:
Signed SSL certificate installed on vCAC/vRA Appliance, SSL Passthrough on NSX/vCNX Load-Balancer, vCAC/vRA Settings/Hostname set to resolve to VIP, matching SSL cert.
Fix:
- SSH into the vCAC Appliance as root
- Backup /etc/apache2/vhosts.d/vcac.conf to vcac.conf.bak
- Use vi to edit /etc/apache2/vhosts.d/vcac.conf
- Scroll down to <virtualHost _default_:443>
- Add these lines
ServerName fqdn.of.appliance.node
ServerAlias: load.balancer.name
- Scroll further to ensure these params aren’t listed elsewhere, remove or revise if so.
- save the file and exit vi
- restart the vCAC/vRA services
Brian Ragazzi 