MDM link can't be configured, "SSL Error: The host name did not match any of the valid hosts for this certificate"

1 users found this article helpful

Symptoms

MDM link can't be configured, error "Unknown rpc error: code = 3, category = "MDM IPC Error" is thrown:
 
pmm_dep_service.log:
01-30 11:11:35.559 D /Certs:2472:9dc/ Found 0 local certificate(s)
01-30 11:11:35.590 D /Certs:2472:9dc/ Found 1 local certificate(s)
01-30 11:11:35.605 D /MdmIpc:2472:9dc/ Connecting to xxx.yyy.zzz:8443
01-30 11:11:35.605 D /MdmIpc:2472:9dc/ Sending request 'type=EnrollmentUrl id={53a3af53-2c77-a14d-81a0-21c2a794e834}'...
01-30
11:11:35.621 W /Ipc:2472:9dc/ SSL Error: The host name did not match any of the valid hosts for this certificate (22) - Certificate {Subject: parallels.xxx.com; Issuer: DigiCert SHA2 Secure Server CA; Not Before: Jan 13 00:00:00 2020 GMT; Not After: Jan 20 12:00:00 2022 GMT; Serial Number: xxx; Sha1: xxx;}
01-30 11:11:35.621 W /Ipc:2472:9dc/ Ssl handshake failed
01-30 11:11:35.621 D /MdmIpc:2472:9dc/ Sent request {53a3af53-2c77-a14d-81a0-21c2a794e834} : Unknown error
01-30 11:11:35.621 D /MdmIpc:2472:9dc/ Sending error 'I/O error' for {53a3af53-2c77-a14d-81a0-21c2a794e834}...
01-30 11:11:35.621 D /MdmIpc:2472:9dc/ Sent error 'I/O error' for {53a3af53-2c77-a14d-81a0-21c2a794e834}: Unknown error
01-30 11:11:35.621 D /MdmIpc:2472:9dc/ IPC client disconnected

Cause

FQDN of the MDM server specified doesn't match the subject of SSL certificate installed on it.

Resolution

Please use the FQDN that you've issued the MDM server SSL certificate to (the external URL that Macs will use to connect).
Make sure that connections from PMM Proxy over the service port are allowed by the firewall.

Was this article helpful?

Tell us how we can improve it.