Certificate validation with Connect-VIServer (Powe... - Page 2

dbailey12 · ‎03-01-2018

I'm trying to resolve a certificate validation issue I'm seeing in PowerCLI.

(I know I can just set -InvalidCertificateAction to Ignore or save the thumbprint as an exception in PSTCS as a workaround.)

When I have InvalidCertificateAction set to Prompt, I get:

> Connect-VIServer myviserver.blah.net -Verbose   
WARNING: There were one or more problems with the server certificate for the server myviserver.blah.net:443:   

* The certificate's CN name does not match the passed value.   
Certificate: [Subject]    CN=myviserver.blah.net  
[Issuer]    CN=myCA DN

I'm not sure what it doesn't like about the CN... it matches and browsers don't complain. I tried messing with [System.Net.ServicePointManager]::SecurityProtocol based on some other threads but that didn't seem to help.

Does anyone have ideas on how to investigate further?

Thanks!

cking2 · ‎05-31-2018

Awesome. It appears VMware.PowerCLI 10.1.0.8403314 has fixed these certificate issues.

All

Certificate validation with Connect-VIServer (PowerCLI 10.0 & 6.5.4.7155375)