Hi, 

We are tryng to install desktop sync, but show the following error:

"ERROR [2020-09-14 08:05:13.739] [main] org.alfresco.service.subscription.impl.config.ConfigurationImpl - Exception getting sync service configuration from repository
javax.net.ssl.SSLPeerUnverifiedException: Certificate for <172.31.184.24> doesn't match any of the subject alternative names: [*.ceca.es, ceca.es]"

We have a test enviroment whit https, this is our config.yml sync file:

springContextFileLocation: sync-spring.xml
version: 2.2.3 (19)

# ActiveMQ config
messaging:
username:
password:
dataFormat: defaultDataFormatDef
txnManager: syncRequiredTxn
nodeEvents:
numThreads: 1
events:
repo:
node:
peakChangesWindowSize: 1000
numConsumers: 5
maxConsumers: 10
threadAffinityTracking: WarnOnMismatch
prefetchSize: 1000
redelivery:
numRetries: 5
backOffMultiplier: 2.0
deadletterUri: jms:queue:dead.alfresco.repo.events.nodes
endpoint:
name: Consumer.[syncServiceId].VirtualTopic.alfresco.repo.events.nodes
uriName: ${messaging.events.repo.node.endpoint.name}
type: Queue
uri: syncActivemq:${messaging.events.repo.node.endpoint.uriName}
bean: org.apache.activemq:type=Broker,brokerName=localhost,destinationType=${messaging.events.repo.node.endpoint.type},destinationName=${messaging.events.repo.node.endpoint.name}
broker:
host: localhost
port: 61616
url: failovertcp://${messaging.broker.host}:${messaging.broker.port}?wireFormat.maxInactivityDurationInitalDelay=30000)?timeout=3000&jms.useCompression=true&startupMaxReconnectAttempts=0&jms.redeliveryPolicy.maximumRedeliveries=${messaging.events.repo.node.maxConsumers}
pool:
maxConnections: 5
maxActiveSessionsPerConnection: 101
activeMQMetrics:
initialDelay: 10
period: 10

# SQL persistence config
sql:
#
# Manually control how the system handles maximum string lengths.
# Any zero or negative value is ignored.
# Only change this after consulting support or reading the appropriate Javadocs for
# org.alfresco.repo.domain.schema.SchemaBootstrap for V2.1.2
maximumStringLength: -1
#
# Limit hibernate session size by trying to amalgamate events for the L2 session invalidation
# - hibernate works as is up to this size
# - after the limit is hit events that can be grouped invalidate the L2 cache by type and not instance
# events may not group if there are post action listener registered (this is not the case with the default distribution)
hibernateMaxExecutions: 20000
db:
schema:
name: null
update:
flag: true
lockRetryCount: 5
lockRetryWaitSeconds: 1
driver: oracle.jdbc.OracleDriver
url: jdbcracle:thin:@*********
username: **********
password: ***********
pool:
initial: 50
max: 100
statements:
enable: true
max: 275
min: 10
idle: 50
wait:
max: 5000
validate:
query:
borrow: true
return: false
evict:
interval: 600000
idle:
min: 1800000
#
# note: for 'db.pool.evict.num.tests' see http://commons.apache.org/dbcp/configuration.html (numTestsPerEvictionRun)
# and also following extract from "org.apache.commons.pool.impl.GenericKeyedObjectPool" (1.5.5)
#
# * The number of objects to examine during each run of the idle object evictor thread (if any).
# * When a negative value is supplied, <code>ceil({@link #getNumIdle})/abs({@link #getNumTestsPerEvictionRun})</code>
# * tests will be run. I.e., when the value is <code>-n</code>, roughly one <code>n</code>th of the
# * idle objects will be tested per run.
#
num:
tests: 1
validate: false
abandoned:
detect: false
time: 300
#
# db.pool.abandoned.log=true (logAbandoned) adds overhead (http://commons.apache.org/dbcp/configuration.html)
# and also requires db.pool.abandoned.detect=true (removeAbandoned)
#
log: false
txn:
isolation: -1
transaction:
mode:
readOnly: PROPAGATION_REQUIRED, readOnly
default: PROPAGATION_REQUIRED

# Dropwizard specific server configuration. Custom user property names are not allowed in this section.

server:
type: default
applicationConnectors:
- type: http
port: 9090

# type: https
# keyStorePath: ./sync.jks
# keyStorePassword: N9SnIgrcAx7zWr
# keyStoreType: JCEKS
# validateCerts: false

adminConnectors:
- type: http
port: 9093
requestLog:
appenders: []

repo:
scheme: https
hostname: 172.31.184.24
port:
syncconfig:
url: ${repo.scheme}://${repo.hostname}/alfresco/service/devicesync/config

sync:
descriptor:
name: SyncDescriptor
whitelistAllNodeTypes: false
checker:
endpoint: alfresco/service/devicesync/checktxns
# in ms
checkDuration: 60000
health:
events:
# in ms
eventLagTolerance: 5000
# Authentication config (for authenticating against a repository)
authentication:
basicAuthUrl: ${repo.scheme}://${repo.hostname}:${repo.port}/alfresco/s/api/authentication
cache:
expiryMs: 900000
cleanup:
# 28 days
keepPeriod: 28d
events:
# every hour
schedulerExpression: 0 0 * ? * *
# time for the job thread to sleep before releasing the lock after the job has completed(in seconds)
jobSleepTimeInSeconds: 25
# specify the number of records to return
maxItems: 10000
numThreads: 2
batchSize: 100
authEvents:
# every 4 hours
schedulerExpression: 0 0 */4 ? * *
# time for the job thread to sleep before releasing the lock after the job has completed(in seconds)
jobSleepTimeInSeconds: 25
# specify the number of records to return
maxItems: 10000
numThreads: 2
batchSize: 100
txns:
# every hour between 00:00 and 7:00
schedulerExpression: 0 0 0-7 ? * *
# time for the job thread to sleep before releasing the lock after the job has completed(in seconds)
jobSleepTimeInSeconds: 25
# specify the number of records to return
maxItems: 10000
numThreads: 2
batchSize: 100

# Syncer thread pool (for handling sync resolutions of client and repository changes)
threadpool:
size:
core: 100
max: 400
# Integer max value
queueCapacity: 2147483647
camel:
endpoint:
alfresco:
monitoring: activemq:topic:alfresco.monitoring
cluster:
# This specifies a particular network interface to use for clustering.
# It might be a wildcard value, such as 10.256.*.*, which means an attempt is made to bind with an interface having an IP address beginning with 10.256.
# If left empty Hazelcast will bind by default to a non-loopback IP e.g: 192.168.0.10
interface:
enabled: true
hazelcast:
autoinc:
# This enables Hazelcast to make several attempts to find a free port
# It's recommended that you do not use this property.
# However, it should be set to true when attempting to start multiple sync service instances on the same machine.
# In this case the loopback IP(127.0.0.1) must be specified for the sync.cluster.interface
port: false
metrics:
reporter:
graphite:
# ip of graphite server
address: 127.0.0.1
enabled: false
# in seconds
pollingInterval: 60
# port of graphite carbon receiver
port: 2003
prefix: org.alfresco.sync

hibernate:
jdbc:
use_streams_for_binary: true
batch_size: 32
show_sql: false
cache:
provider_class: org.alfresco.service.cache.HibernateCacheProvider
use_query_cache: false
use_second_level_cache: false
max_fetch_depth: 10
default_batch_fetch_size: 1
connection:
release_mode: auto
isolation: 2

logging:
level: INFO
loggers:
"org.alfresco.service.common.auth": WARN
"org.apache.activemq": WARN
"com.sun.jersey.api.container.filter.LoggingFilter": WARN
"org.alfresco.service": INFO
appenders:
- type: console
threshold: ALL
timeZone: UTC
target: stdout
logFormat: "%-5level [%d{yyyy-MM-dd HH:mm:ss.SSS}] [%thread] %logger - %msg%n"
- type: file
threshold: ALL
timeZone: UTC
currentLogFilename: ./logs/sync-service.log
archive: true
archivedLogFilenamePattern: ./logs/sync-service-%d.log.gz
archivedFileCount: 5
logFormat: "%-5level [%d{yyyy-MM-dd HH:mm:ss.SSS}] [%thread] %logger - %msg%n"

Any one can tell me what are we doing wrong?

Thanks for your help!

J.Carlos