IP/Password connection Test - Does not match hostname and/or Certificate Expired

Created: 2018-09-27 10:21:32
Modified: 2018-09-27 10:21:32
Tags: Exchange 20xx LDAP SSL System Requirements Troubleshooting UnitySync

The following popup occurs when running TEST on a connection source/dest tab:

SSL Subject: /CN=WIN-U6LKS4ES.acme.test
SSL Subject: Does not match hostname
SSL Host: localhost
SSL CA: /DC=test/DC=2k16/CN=WIN-U6LKS4ES-CA
SSL Expire: 190921144852Z
SSL Certificate: Expired

When SSL is enabled, the TEST query receives that information back.

The message ‘Does Not Match Hostname’ is expected because the test references the SSL host using whatever IP/Hostname is used for the connection, versus the Exchange SSL configuration which uses the fully qualified domain name. This does not affect the use of SSL successfully and securely.

Regarding the ‘Certificate’, it’s referring to the cert on the dest Exchange server. This is only relevant if you have selected ‘Yes - Expiration Check’.

Below is the example from a destination where SSL is enabled and the SSL Cert is not expired.

SSL Subject: /CN=WIN-U6LK8THS4ES.acme.test
SSL Subject: Does not match hostname
SSL Host: localhost
SSL CA: /DC=test/DC=2k16/CN=WIN-U6LK8THS4ES-CA
SSL Expire: 190921144852Z
SSL Certificate: Not Expired

Share this article:
Knowledgebase

Directory
  1. Directify - Self Service

  2. Mimic - Replication

  3. UnitySync - Sync
Password
  1. emPass - Sync
Obsolete
  1. Profiler
  2. SimpleSync