Discovery VMWareVCenterVMTagsProbe does a certificate check for the vCenter API connection, which can prevent the connectionDescriptionVMWare discovery is not consistent when doing certificate checks for the API calls to vCenter, and is done differently for VMWareVCenterVMTagsProbe compared to VMWarevCenterVMsProbe/VMWarevCenterDatastoresProbe. Certificate checks are only being done when discovering VMWareVCenterVM tags, even though its the same endpoint and potentially self-signed or internal company CA certificate. Checks shouldn't be done at the probe level. MID Server platform takes care of this anyway with MID Security Policy.Steps to Reproduce Run VMWare Discovery and discover tags.Certificate checks are done for the vcenter webserver's TLS certificate. Actual behaviour: VMWareVCenterVMTagsProbe does a certificate check itself, which is not needed. Discovery will have no issue discovering VMs ,Datastores or other resources, but may fail with a certificate exception when discovery VM tags. Certificate checks are only being done when one wants to discovery VMWareVCenterVM tags causing the VMWareVCenterVMTagsProbe to fail with: vCenter Message: java.security.cert.CertificateException: No subject alternative names matching IP address xx.xxx.xx.xx found Expected behaviour: The MID Server platform's MID Security Policy should be left to define whether certificate checks are needed or wanted for the vCenter endpoint.WorkaroundThis problem is currently under review and targeted to be fixed in a future release. Subscribe to this Known Error article to receive notifications when more information will be available. Workaround: Please import the the endpoint certificate of the vCenter device from the device admin/owner and import the certificate on the MID Server. Once the certificate chain is in the java cacerts file, the certificate will be trusted by the VMWareVCenterVMTagsProbe. https://docs.servicenow.com/csh?topicname=t_SetUpSecureSSLConnection.html&version=latestRelated Problem: PRB1752501