Unable to access ZCC - 500 Error SSLHandshakeException

  • 7025221
  • 28-Jul-2021
  • 28-Jul-2021

Environment

ZENworks Configuration Management 2020 ZENworks Control Center - ZCC

Situation

After upgrading logging into ZCC will post a 500 Error.


ZCC Log shows

[Error while authenticating login request] [javax.net.ssl.SSLHandshakeException: No trusted certificate found

[Error while authenticating login request] [javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching “hostname” found

Since server was not configured to the domain name correctly, the trust has failed or the hostname doesn't match.

Reminder: There are a many things that can cause 500 errors on logging into ZCC, Tokens, DNS, etc.

Resolution

Check if trusted root certificate is imported in trust store.

If you are upgrading from previous ZENServer version  where the certificate is having IP in the Subject Alternative Name, then to come out of the login issue you have to do the following:

 

1.      Configure DNS Properly on the Server

2.      Make sure “ nslookup ip” is resolving to FQDN

3.      Remint Server Certificate

4.      Upgrade to Update 2

Cause

As DNS was not configured properly in the setup, the hostname resolution was not happening, hence the java API used for getting the hostname was returning IP instead of hostname. Because of this the Server certificate was having IP in the Subject Alternative Name(SAN).  
Request to configure DNS and install Server, which is a prerequisite according to the ZENworks 2020 System Requirements documentation.

Name was not configured for the host windows machine.
Since domain name was not set, the trust may also fail.

If such error occurs, domain name can be updated, server certificate reminted.(or it can work without remint also) and restarted.