Exception while pinging machine. Could not establish trust relationship for the SSL/TLS secure channel


I have two SharePoint (SP) farms with Office Online Server (OOS). One of them is the test environment and the other is production.

On each Production OOS server, an error appears in the ULS every second:

Exception while pinging machine [Machine=[6f4107d65db44c90808622fc03c9a01d], Cluster [null], Environment=[MsoSpProduction]], service instance
 at [UREDACTED_(iGC12yXWuNS4z3SZ+KTYxQfawlpRQt+bPlHWC41uC40=)], after [1] retries. Error code was [MachinePingFailed], message [The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.]. Exception: Microsoft.Office.Web.Common.HttpRequestAsyncException: No Response in WebException ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

where Machine=[6f4107d65db44c90808622fc03c9a01d] is the OOS server ID. Moreover, there are 4 errors with four OOS server IDs. These IDs are stored in C:\ProgramData\Microsoft\OfficeWebApps\Data\FarmState\topology.xml

As far as I understand, one error corresponds to one user accessing a Microsoft Office file (Word, Excel, etc.). We have about 30,000 users and the load is extremely high.

As a result, the ULS file grows to 2 gigabytes every hour.

On the test farm, everything is fine, there are no errors. The settings on both farms are the same, and the certificates on all servers are valid, with the *.domain.ru. The OOS servers have Friendly Names specified for the certificates (OOS cannot work without them). The certificates are installed by policy, and there are no issues with them in other systems.

I built another OOS farm with four servers and connected it to the test SP farm. During testing, no errors were observed, so I decided to connect it to the production SP and disconnect the old one. However, after connecting the new OOS farm, the same errors started appearing on it. This leads to the conclusion that the issue is with the Production SP, not OOS.

There is 1 answer

RaytheonXie-MSFT

Check the Server's SSL/TLS Certificate:

Make sure the server's SSL/TLS certificate is valid and not expired. Ensure that the certificate is issued by a trusted Certificate Authority (CA). Verify that the certificate's Common Name (CN) or Subject Alternative Name (SAN) matches the server's hostname.
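
The checks listed in the answer above can be run through the same .NET validation procedure that produces the "remote certificate is invalid" message, which also reports which check failed. This is an added example, not part of the original answer; the function name and the host name `oos01.domain.ru` are placeholders. Run it on the machine that logs the error, since validation uses that machine's trust store.

```powershell
# Added example: report why .NET certificate validation rejects what a host presents.
function Test-RemoteCertificate {
    param(
        [Parameter(Mandatory)][string]$TargetHost,   # name the failing client connects to
        [int]$Port = 443
    )
    $result = [ordered]@{ Host = $TargetHost; Port = $Port }
    $tcp = New-Object System.Net.Sockets.TcpClient
    $ssl = $null
    try {
        $tcp.Connect($TargetHost, $Port)
        # Accept any certificate so the handshake completes, but record
        # what the validation procedure reported about it.
        $callback = [System.Net.Security.RemoteCertificateValidationCallback]{
            param($sender, $cert, $chain, $errors)
            # None | RemoteCertificateNameMismatch | RemoteCertificateChainErrors | ...
            $result.PolicyErrors = $errors
            # e.g. NotTimeValid (expired), UntrustedRoot or PartialChain (CA not trusted)
            $result.ChainStatus = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
            return $true
        }
        $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $callback)
        # The name passed here is the one compared against the certificate's CN/SAN.
        $ssl.AuthenticateAsClient($TargetHost)

        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
        $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }  # subjectAltName
        $result.Subject    = $cert.Subject
        $result.SAN        = if ($san) { $san.Format($false) } else { '(none)' }
        $result.Issuer     = $cert.Issuer
        $result.NotBefore  = $cert.NotBefore
        $result.NotAfter   = $cert.NotAfter
        $result.Thumbprint = $cert.Thumbprint
    }
    finally {
        if ($ssl) { $ssl.Dispose() }
        $tcp.Close()
    }
    [pscustomobject]$result
}

# Placeholder host name; substitute the name from the failing request.
# Test-RemoteCertificate -TargetHost 'oos01.domain.ru' | Format-List
```

A `PolicyErrors` value of `RemoteCertificateNameMismatch` points at the CN/SAN check, while `RemoteCertificateChainErrors` together with `ChainStatus` separates an expired certificate from an untrusted issuer.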