Changed server domain, it can see Otto but cant connect to the server

for reasons too long to explain I moved my server from subdomain.co.uk to subdomain.com
Have successfully done my SSL and I can see all the FileMaker files I need to
I went to OCC and removed the old server
Then added it with new address, and OCC can see the version of FMS and Otto correctly
Went to Otto and removed AdminAPI key and made a new one, copy pasted it but then I get error it could not connect, so tried whole process again asking to make a key for me. The key is not created and I get this:

Screenshot 2024-03-29 at 21.35.351454×836 84.7 KB

I had restarted Otto before I tried all of this as server process was restarted to do the SSL
This is Windows Server 2019 on AWS

Hey John,

It looks like we’re getting an ssl cert error on the backend. I’ll add it to the list to pass back a better error, but the error we are getting is: “Host: subdomain.com. is not in the cert’s altnames: DNS:subdomain.co.uk, DNS:www.subdomain.co.uk”.

Did you change the ssl right before attempting to add it back to the console? Its possible the cert may have been cached somewhere.

I’ll get a better error passed back for you in the future!!

-Kyle

Well yes, like 15 mins before…
Will try again tomorrow

Didn’t work.
Correction, after I had rebooted the ‘right’ server…
It is now working

I had done cache things locally and that made no difference, and had restarted service yesterday…

Interesting…

Thanks for letting us know.

Todd

Thanks
Agree with @kduval that is was an SSL issue, because I had changed from .co.uk to .com and most likely to be something cached.

Will be interesting to see when its time to renew an SSL if OCC will pick up the new cert or think it has expired

@john_r do you get an ssl error if you connect to your url via a browser?

No. And wasn’t after updated the cert.
The issue seems to be that FileMaker Server only needs the service to be restarted to pick up the new cert, but I had to restart the whole machine for OCC to pick up the new information. Make sense?

This is, I appreciate one of those edge cases. Normally you would be adding a brand new server, not one that you had changed the domain for.

Huh that does make some sense. Thanks for reporting back on how you fixed it!

-Kyle

@kduval
went and looked at syslog to check for something with node-red and found that this had been happening:
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: Af [TRPCError]: No auth token
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: at /snapshot/ottofms-server/index.js
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: at c (/snapshot/ottofms-server/index.js)
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: at t (/snapshot/ottofms-server/index.js)
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: at c$e (/snapshot/ottofms-server/index.js)
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: at wPi (/snapshot/ottofms-server/index.js)
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: at /snapshot/ottofms-server/index.js
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: at Array.map ()
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: at Zjr (/snapshot/ottofms-server/index.js)
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: at async /snapshot/ottofms-server/index.js {
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: code: ‘UNAUTHORIZED’,
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: [cause]: undefined
Mar 31 14:00:56 ubuntu ottofms-linux-x64[1135]: }

Hey John,

how often is that error happening? We throw that error when you attempt to access the ottofms console without a valid browser cookie. I would expect it to fire sometimes (usually just when you go to the console and get redirected to login).

-Kyle