Trobuleshooting: Resolving certificate name mismatches issue when managing a Hyper-V host in VMM

Use following steps to resolve a name mismatch error when viewing remote desktop connection of a VM on Hyper-V host through VMM (using Virtual Machine Viewer app). When you execute "Connect to virtual machine" action from VMM Administrator Console, you'll get error: "The remote computer couldn't be authenticated due to problems with its security certificate.… Read More »
09.09.2010
By

Use following steps to resolve a name mismatch error when viewing remote desktop connection of a VM on Hyper-V host through VMM (using Virtual Machine Viewer app). When you execute "Connect to virtual machine" action from VMM Administrator Console, you'll get error: "The remote computer couldn't be authenticated due to problems with its security certificate. It mabe be unsafe to proceed". In this case, the popup with error will give you Name mismatch parameters. For e.g.: Requested remote computer: 192.168.1.250 | Name in the certificate from the remote computer: democomputer.redmond.contoso.corp.com.

How to troubleshoot and fix this issue:

  • Use the Internal nic for all virtual machines including the Virtual Machine Management server
  • Add the FQDN of the Hyper-V server to local hosts file on the VMM server (which is located in C:\Windows\System32\Drivers\etc\host. You'll need to change the folder options to view the extensions for known file types. An example entry looks like this. 192.168.1.250 democomputer.redmond.contoso.corp.com.
  • When adding the host into Virtual Machine Manager, make sure you use the FQDN (democomputer.redmond.contoso.corp.com) and clear the option for host to be in a trusted domain (use the non-trusted domain authentication)
  • Finish the rest of the steps to add the host.
  • It will take a few minutes to populate all the virtual machines that are running on the Hyper-V host. Once populated, select a VM and connect to it. You'll get prompted with an error warning. Click on the View certificate button and install the certificate by choosing to manually decide where to place the certificate and click the browse button to install it to the trusted root certification authority. Close the dialog box.
  • From your VMM server click start, run, and type MMC. From the menu bar select File, then select Add\Remove Snap-in. Select Certificates and then select Add for User. Repeat this process and Add Certificates for local computer.
  • Next copy your democomputer.redmond.contoso.corp.com certificate from the user trusted root to the following three places. Right-click the certificate and select copy and then paste into:

  a. Certificates – Current User -> Personal -> Certificates

  b. Computer (Local Computer) -> Personal -> Certificates

  c. Computer (Local Computer) -> Trusted Root Certification Authorities

  • Go back to VMM console and attempt to connect to the VM. You'll probably be prompted for your credentials. Enter your valid domain credentials, i.e. contoso\anotheradmin and select the option to remember my credentials.
  • At this point you should now be able to connect to a virtual machine without any errors. 

[Source]

Join Our Newsletter

Related Posts

Remove Windows Intune agent from local PC

Need to remove Windows Intune from a machine without wiping it? Or has your Windows Intune trial expired and you cannot remvoe agent via the portal? Microsoft removed the Add/Remove programs entry to prevent end users from removing the service easily. There is a...

Make every moment count…

When things in your life seem almost too much to handle, when 24 hours in a day are not enough, remember this story about a mayonnaise jar and 2 cups of coffee... A professor stood before his philosophy class and had some items in front of him. When the class began,...

About the Author

Comments

0 Comments

Submit a Comment

Your email address will not be published.