Broker Configuration

Technote (FAQ)


Question

Session via broker fails with error:
"Unable to connect. The certificate from the peer is issued for a different host."

Cause

Broker configuration issue, fully qualified name not used

Answer

This error means there is a problem with the broker name that is preventing the session via broker to be started. When performing broker configuration steps, the fully qualified name must be used consistently in the broker registration, in the certificate, in the broker list, in the PublicBrokerURL etc.

Checklist:
1) check the certificate itself, if it's a self signed certificate, you can view it in the TRC server
2)check the registered brokers in the server
3)check the brokerlist in the target. If the target is inside the intranet, it can update the broker list from the server (use Report to server) but usually, the target will be outside the intranet and unable to
contact the server. In this case the user needs to edit the registry and restart the target The broker configuration file is only necessary to check if there are multiple brokers. In this case you need to check the PublicBrokerURL and also check the names of the other brokers in AllowBrokers For example if you have broker1.pippo.com and broker2.pippo.com, you need a control connection from broker2 to broker1 in broker1, in the Inbound connection it needs "allowBrokers=broker2.pippo.com"
The name has to match the certificate of broker2 in broker2, you need a Broker connection to broker1. here destinationAddress needs to be broker1.pippo.com. The name has to match the certificate of broker1.


Rate this page:

(0 users)Average rating

Document information


More support for:

Tivoli Remote Control

Software version:

Version Independent

Operating system(s):

Platform Independent

Reference #:

1637034

Modified date:

2013-05-10

Translate my page

Machine Translation

Content navigation