Clustered Environment Certificate Invalid Server is pretending to be

tijones
New Contributor II

Hey Guys,

Someone must have had this before what have I misconfigured here to be receiving these errors in my system log, And obviously things are not working right with MDM for me again.....

Sending 'Idle' request to server (<NSURLErrorDomain:-1202> The certificate for this server is invalid.

Nov 1 08:28:44 wo1100-009ls.aut.ac.nz mdmclient[40]: ** ERROR ** [Daemon:0] Sending 'Idle' request to server (<NSURLErrorDomain:-1202> The certificate for this server is invalid. You might be connecting to a server that is pretending to be “casper-pri.autuni.aut.ac.nz” which could put your confidential information at risk. NSErrorFailingURLKey = "https://casper-pri.autuni.aut.ac.nz:8443//computer/mdm"; NSErrorFailingURLStringKey = "https://casper-pri.autuni.aut.ac.nz:8443//computer/mdm"; NSUnderlyingError = "Error Domain=kCFErrorDomainCFNetwork Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be U201ccasper-pri.autuni.aut.ac.nzU201d which could put your confidential information at risk." UserInfo=0x7fd6cba0d820 {NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFNetworkCFStreamSSLErrorOriginalValue=-9843, kCFStreamPropertySSLPeerCertificates=( "<SecCertificate 0x7fd6cbe5b3a0 [0x7fff74c11fd0]>", "<SecCertificate 0x7fd6cbe39ed0 [0x7fff74c11fd0]>" ), _kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrust 0x7fd6cbe34c60 [0x7fff74c11fd0]>, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be U201ccasper-pri.autuni.aut.ac.nzU201d which could put your confidential information at risk., NSErrorFailingURLKey=https://casper-pri.autuni.aut.ac.nz:8443//computer/mdm, NSErrorFailingURLStringKey=https://casper-pri.autuni.aut.ac.nz:8443//computer/mdm}";

4 REPLIES 4

nessts
Valued Contributor II

having just gone through these directions https://jamfnation.jamfsoftware.com/article.html?id=174
did you copy the keystore?

tijones
New Contributor II

Asked someone to do that for me now ill see if it fixes the issue, Do we have to do this every-time we update?

nessts
Valued Contributor II

do you have DNS or a load balancer setup properly?

nessts
Valued Contributor II

i would assume so, there are a couple fo things you have to do every time you update, like restrict the application access too