In a new vCD install, when you try to add your NSX-T (or V), you will get this error: “Certificate xxxx is already trusted.”
Suppose you upgrade your vCloud Director to version v10.3 and trying to deploy a new vApp, VM, or Network that uses NSX-T. In that case, you also get the same type of error, but now with a different message: “Certificate for <NSX-IP> doesn’t match any of the subject alternative names.”
I know this happens now in vCloud Director v10.3 because before v10.3 we could disable hostname verification for NSX-T, vCenter, and vSphere. But in the new v10.3 version, this option is only for vCenter and vSphere. So when we have an NSX-T added to our vCloud Director, or tying to add and have the URL:https://FQDN different from the common name that we have in the certificate, we get this type of error.
Just FYI I have tried creating a new certificate in which the certificate name is the same as the common name but vCD doesn't doesn't show that up.
Any suggestions on how to resolve this?