VMware Workspace ONE Community
JMW83
Contributor
Contributor
‎12-20-2022 02:21 AM

Workspace ONE Access connector Virtual Apps collection sync issue

Hi

I'm trying to replace the Workspace One Access connector v19.03.0.0 with v21.08.0.1.

I'm in preview mode and testing the Virtual Apps Collection sync but receive the following error:

Enterprise service connectorhostname.domain.local(EIS) response: Unable to get certificate from the URL: https://horizonconnectionserver.domain.local:443/SAML/metadata/sp.xml

When I visit the above URL from the connector server it loads a web page showing the self-signed certificate for horizonconnectionserver.

In the Virtual App Service logs I can see the following:

Failed to get ssl certificate from <horizon connection server>:443/SAML/metadata/sp.xml

SSLHandshakeException: No subject alternative DNS name matching <horizon connection server> found

I re-ran the Horizon Connector setup and chose to install the self-signed cert, which didn't fix the issue. 

I also used keytool to manually import the self-signed cert, then verified it existed, but this again did not resolve the problem.

Does the self-signed cert need a SAN configured perhaps? This isn't documented anywhere if it does.

Any help much appreciated.

0 Kudos
3 Replies
Noordan
Hot Shot
Hot Shot
‎01-04-2023 02:27 AM

my guess based on the error message is that you need a SAN attribute for the certificate used for your horizon connection server.

several modern browsers and services requires that nowadays. 

0 Kudos
bigjohn111
Contributor
Contributor
‎03-11-2023 09:13 AM

I'm having the same issue.. Anyone else have this.. with the old version there is no issue

0 Kudos
Noordan
Hot Shot
Hot Shot
‎03-17-2023 05:45 AM

Please make sure that you have the FQDN in the SAN attribute in the certificate used for Horizon.

0 Kudos