In an attempt to secure our systems more we have enabled HTTPS and turned off HTTP, we now find that the mcs cli tools ie the JAR file do not work anymore. After executing the command to import profiles an error is returned:
/opt/nimsoft/jre/jre8u102/bin/java -jar mcs-cli.jar profile-import -base_url https://<hostname>/mcsws/v0 -group UIM -file /opt/nimsoft/profiles/cdmsetup.xml -username administor -password <password>
2018-04-25 13:04:06 INFO [main] [com.nimsoft.selfservice.cli.handlers.ProfileImport] Failed to import profile. Error: Failed to get list of device groups.
Error: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
When you open the URL in a browser, it is possible to connect to the page and return a list of all the groups, eg:https://<hostname>/mcsws/v0/groups
In order to connect to the URL via the java command line tool, several prerequisites must be met:
1) the certificate being used by the website (in this case the MCS webservices on the primary hub) must contain a Subject Alternative Name
2) the certificate must be present in the local cacerts keystore of the Java installation used by the MCS cli