VMware Cloud Community
suhail39
Enthusiast
Enthusiast
Jump to solution

vRealize Orchestrator Rest API issue

Hello All,

I have been facing an issue of with certificate name mismatch,

After adding the Rest APi Host, when invoking the Rest Api operation.

ERROR : The certificate name mismatch error is thrown,

Please need help to resolve the issue.

pastedImage_0.png

1 Solution

Accepted Solutions
daphnissov
Immortal
Immortal
Jump to solution

I just tried this in my lab where I'm using the default vROps certificate, and I have no problem running REST operations. Ensure you've done the following:

  1. Add a REST host. Specify the URL as https://<FQDN>/suite-api/api. Accept the certificate with "Yes" radio button on first screen. Use Basic authentication (or whatever). Use shared mode (again, or whatever). On the last screen in SSL, choose "No" to the request to "Verify whether the target hostname matches the names stored inside the server's X.509 certificate." PrivateKeyEntry is NotSet.
  2. Add a REST Operation. I'm doing just a very basic GET on /resources. Select the parent host. Give it a name. Put in "/resources" on the Template URL field. Choose GET.
  3. Invoke a REST Operation. Select the REST Operation you configured in step 2. You should get a 200 respose, successful execution, and logged output of the return. NOTE, with a GET to /resources it may return a LOT of data. If you have a huge inventory you may want to test on something else.

View solution in original post

11 Replies
daphnissov
Immortal
Immortal
Jump to solution

You need to replace your vROps certificate as it's still presenting the default cluster certificate. This would probably be the easiest thing, then add it via the same name in its cert.

suhail39
Enthusiast
Enthusiast
Jump to solution

As in our Testing Environment, there is no CA installed or configured, If i try creating the .pem file, How do i submit the cert to CA authority for certificate, If you can help me with documentation or steps involved in chnaging/uploading the certificate, since the Common Name has to be changed for the vrops certificate.

For the vro to exceute the workflows.

Please, Looking forward for your help

Reply
0 Kudos
daphnissov
Immortal
Immortal
Jump to solution

Did you at least accept the self-signed certificate and import it into vRO's store?

Reply
0 Kudos
suhail39
Enthusiast
Enthusiast
Jump to solution

Default certificate is imported into vRO's store, I went through the documents to create a self-signed certificate, but stil have not got clear idea to execute, Since new to VMware, its taking time to understand about the infrastructure services.

If you can please, mention the steps to achieve this, I would be grateful to you.

Reply
0 Kudos
suhail39
Enthusiast
Enthusiast
Jump to solution

I tried creating a self signed certificate following vmware documentation using openssl, created a .pem file,

tried uploading on to the administration page, but error occurs.

Do u have any documentation to create a self signed certificate ?

Reply
0 Kudos
daphnissov
Immortal
Immortal
Jump to solution

What is it you're running and against what, exactly? Please provide more details here.

Reply
0 Kudos
suhail39
Enthusiast
Enthusiast
Jump to solution

I am trying to run a rest operation on vRealize operations through vrealize orchestrator, after adding the vrops host with default certificate, if i am trying to invoke a rest operation,

Error specified as mentioned above : Name mismatch in cetificate and host,

Solution: Creating a self signed certificate of vrops with common name customization, and adding to vRO as host and invoking rest operation will be successfull

Since there is no CA, i was trying to create self signed certificate by using openssl, after creating the Pem file, trying to upload on vROPS, it states invalid.

Might be the order of the certificate does not match.

Reply
0 Kudos
daphnissov
Immortal
Immortal
Jump to solution

I just tried this in my lab where I'm using the default vROps certificate, and I have no problem running REST operations. Ensure you've done the following:

  1. Add a REST host. Specify the URL as https://<FQDN>/suite-api/api. Accept the certificate with "Yes" radio button on first screen. Use Basic authentication (or whatever). Use shared mode (again, or whatever). On the last screen in SSL, choose "No" to the request to "Verify whether the target hostname matches the names stored inside the server's X.509 certificate." PrivateKeyEntry is NotSet.
  2. Add a REST Operation. I'm doing just a very basic GET on /resources. Select the parent host. Give it a name. Put in "/resources" on the Template URL field. Choose GET.
  3. Invoke a REST Operation. Select the REST Operation you configured in step 2. You should get a 200 respose, successful execution, and logged output of the return. NOTE, with a GET to /resources it may return a LOT of data. If you have a huge inventory you may want to test on something else.
suhail39
Enthusiast
Enthusiast
Jump to solution

Thanks, this has helped me to an extend,

But, while Add a Rest host, Specified the URL as https://<FQDN>/rest. Since the notification alert is retrieved through vrops and after Invoking rest operation,I have encountered a different error,

Screenshot for reference:

pastedImage_0.png

I have also tried, Add a Rest host, Specified the URL as https://<FQDN>/suite-api/api and tried to invoke to rest operation and encountered an error 404: page not found

Screenshot for reference:

pastedImage_2.png

Waiting for your response

Thank you

Reply
0 Kudos
daphnissov
Immortal
Immortal
Jump to solution

In a web browser, can you access the API documentation page at https://<FQDN>/suite-api/ ?

suhail39
Enthusiast
Enthusiast
Jump to solution

Yes, that helped, thank you so much

Appreciate your efforts.

Thank you.

Reply
0 Kudos