You are unable to log in to the Site Recovery user interface.
Problem
The Site Recovery user interface log contains the following error message "Certificate for <host> doesn't match any of the subject alternative names: <subjectaltlist>". When you attempt to do a remote login within the Site Recovery user interface by using the remote login dialog box, you receive similar error message in the user interface.
Cause
The
Site Recovery user interface might not be able to connect to the
Platform Services Controller hosts because of the way the host certificate is generated:
- If the Platform Services Controller certificate does not have a host's address (IP or FQDN) as a subject alternative name;
- If the Platform Services Controller certificate lacks subject alternative names and the host name is not matched in the certificate's CN fields.
Solution
- Reconfigure the Platform Services Controller with a certificate with a SAN (Subject Alternative Name Field) that contains an entry for the Platform Services Controller address (the '<host>' string from the error message).
- If the certificate is properly generated, but the address used by user interface is not, you must reconfigure the user interface and the corresponding Site Recovery Manager and vSphere Replication Appliances to use the correct Platform Services Controller address.
- Reconfigure the existing pairings for the appliances.
