Home
Cloud
OpenStack
OpenStack: 'Hostname mismatch' error seen when using wildcard certificates

OpenStack: 'Hostname mismatch' error seen when using wildcard certificates

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 112

Visibility:: Public

Votes:: 4

Category:: openstack

Specialty:: virt

Last Updated:

Applies to

Openstack
OSP 17.1
RedHat Enterprise Linux (RHEL) 9.2
Python 3.9.16
Cinder driver

Issue

An issue has been seen in OSP 17.1/ RHEL 9.2 when:

ONTAP is using a wildcard CA signed certificate
The Cinder driver has HTTPs enabled

In the Cinder volume.log, the following SSH handshake error is seen:

2023-08-16 01:34:00.101 14 ERROR cinder.volume.drivers.netapp.dataontap.client.api [req-cd09e8b0-a3b7-4959-c8e3-ee52c829bc26 - - - - -] Error communicating with NetApp filer.: urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Hostname mismatch, certificate is not valid for 'volume.sub.company_name.com'. (_ssl.c:1129)>