Error: "Client aborts on SNI unrecognized_name warning" after updating SSL certificate of AirWatch Tunnel

Description

After reinstalling the AirWatch Tunnel with an updated SSL certificate, the Test Connection check no longer passes successfully.  After validating the HTTPS connection to the external URL using a server such as Qualys SSL Labs' SSL Server Test, you see that the Java 7 and/or Java 8 test fail with the following error message:

 

Client aborts on SNI unrecognized_name warning

 

Resolution

This error occurs when the server is not configured to respond with the same hostname that is configured in the SSL certificate.  For example, the server may respond as tunnel.air-watch.com when the certificate has actually been issued to gateway.air-watch.com.  To resolve this issue, navigate on the AirWatch Tunnel server to the file /etc/httpd/conf.d/ssl.conf.  Under the SSL Virtual Host Context section, add the hostname that the SSL certificate has been issued to.  After retesting via Test Connection, the test should complete successfully.

Have more questions? Submit a request

0 Comments

Article is closed for comments.