Symptoms
1. Unable to reconfigure SRM after upgrade ERRORFailed to retrieve pairs from extension server at https://srm.vmware.local:443/drserver/vcdr/vmomi/sdk.Failed to connect to Site Recovery Manager Server at https://srm.vmware.local:443/drserver/vcdr/vmomi/sdk. Reason: com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate assertion not verified and thumbprint not matched Failed to connect to Site Recovery Manager Server at https://srm.vmware.local:443/drserver/vcdr/vmomi/sdk. Reason: com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate assertion not verified and thumbprint not matchedOperation ID: e53a538a-bf3a-4612-b5fe-771aa92dc629
Cause
1. SRM or VR certificate is assigned to IP address or short name instead of FQDN 2. DNS is not configured or incorrectly set for vCenter, SRM & VR appliancesThis may also be caused during deployment of the OVF when the hostname is not changed as per the correct DNS record name.
Resolution
Below steps can be applied to both SRM & vSphere replication. 1. Ensure forward and reverse lookup records are created in DNS for the appliance. Verify it by running the nslooup command against the IP & FQDN root@srm [ ~ ]# hostnamesrmroot@srm [ ~ ]# netmgr hostname --set --name srm.vmware.local root@srm [ ~ ]# netmgr hostname --getHostname: srm.vmware.localPhoton Network Manager Commands to update Hostname/IP Address/DNS in SRM & vSphere replication (92586 ) 2. Change the SRM Appliance Certificate from VAMI to reflect FQDN 3. Reconfigure SRM & reconnect site pair NOTE: We always recommend using a DNS server. In the absence of a DNS server, assign the appliance certificate to IP address and register it using IP address.
