This error message appears in the Nymi Band Application during enrollment.
The following errors appear in the nymi_api.log file:
{"operation":"init","exchange":"41","status":2201,"payload":{},"error":{"error_description":"The requested query was not found on the NES server.","error_specifics":""}}
INFO - Acquiring lock on the update queue sender
INFO - Lock acquired on the update queue sender
DEBUG - client connection error: connection error: An existing connection was forcibly closed by the remote host. (os error 10054)
If an administrator connects to the NES Administrator Console from a web browser, the connection is not secure.
Cause
TLS Certificate was created but the Subject Alternative Name does not contain the required FQDN entries for NES. To determine the Subject Alternative Name(s) that are defined for the TLS certificate, view the properties of the TLS certificate. For example:
- From a web browser, connect to the NES Administrator Console. A
message appears that indicates that the connection is not secure and address bar
displays an unlock symbol beside the URL, as shown in the following figure.
- Select the unlock symbol on the address bar, and from the menu that appears,
select the option to display the information about of the certificate. The
following figure provides an example of the menu options that can appear and the
option to select.
- On the Details tab, scroll down and select the entry for
Subject Alternative Name. The following figure provides an example where the
FQDN of the server does not explicitly appear and the TLS is a wildcard
certificate.
Resolution
Obtain a TLS certificate that defines the FQDN for NES in the Subject Alternative Name attribute, and then import the TLS certificate in IIS. If the NES server is in a highly available configuration that uses a load balancer, include the FQDNs for the virtual server and all the physical servers. The Nymi Connected Worker Platform—Deployment Guide provides more information.
Comments
0 commentsPlease sign in to leave a comment.