Discovery is not working for vCenter configured in Service Account, it returns error Hostname validation failure


Description

When vCenter is configured in Service Account, even if FQDN is used in the Datacenter URL, the actual request is still sent to the IP address of the vCenter.
If SSL is used, it will cause below error:
Caused by: java.security.cert.CertificateException: Hostname validation failure

This is because the certificate is for the FQDN, but not for the server IP address.

Steps to Reproduce

>Create service account for vCenter.

>Run "Discover Datacenters"

>Discovery fails with errors:

"Could not login to VMWare "

"Caused by: java.security.cert.CertificateException: Hostname validation failure"


This happens even though we added "Midserver Security Policy" for the FQDN.

Workaround

> Navigate to "MID Security Policy" under "MID Server" from the navigation tab
> Create an entry for vCenter with the following values:

Name = <put vCenter IP address here>
Active = true
Certificate Chain Check = false
Hostname Check= false
Revocation Check can be either true or false
Policy Type = Overriden Host


Related Problem: PRB1446274