Question
According to the instructions of the SolarWinds integration, the SolarWinds API Endpoint URL needs to have a certificate that matches the hostname of the SolarWinds server.
When it doesn't match, I receive the following error message.:
Script failed with message:
```
JavaObject[org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://157.157.191.190:17778/SolarWinds/InformationService/v3/Json/Invoke/Orion.AlertActive/AppendNote": Certificate for <157.157.191.190> doesn't match any of the subject alternative names: []; nested exception is javax.net.ssl.SSLPeerUnverifiedException: Certificate for <157.157.191.190> doesn't match any of the subject alternative names: [] (org.springframework.web.client.ResourceAccessException)]
```
I have tried building my own workflow in xMatters to bypass this issue, but it seems like it needs to be fixed in the implementation of the HTTP library in the xMatters backend.
What are my current options to get this working?
Environment
- All versions of xMatters
- SolarWinds integration
Answer
By default, the certificate that the server provides is issued to solarwinds-<server name> when you specify either a hostname or IP. The quickest solution if you don't want to install your own certificate is to edit your local host file on the server where you have the xMatters Agent installed, for example:
c:\windows\system32\drivers\etc\hosts
Then, add an entry that references the SolarWinds server. For example, if the server is called "Orion", the certificate will be issued to solarwinds-orion, and the host file entry will look like this:
155.155.155.155 solarwinds-orion
Here, replace 155.155.155.155 with the SolarWinds server IP and make sure solarwinds-orion matches the host referred to in the certificate.
For the SolarWinds endpoint in xMatters, replace the base URL with: https://solarwinds-orion:17778. Then, when the SolarWinds integration makes a call to the xMatters Agent, it will lookup the local address and match the server name and certificate.
Comments
0 commentsArticle is closed for comments.