Performed an upgrade of NFA from 10.0.6 to 10.0.7.  Prior to the upgrade it was running OK with HTTPS configured.  The upgrade was successful, ran the applyhttps script also successful.  After the upgrade the NFA CA Performance Center SSO service does start but stops after few seconds.    From the NFA SSOService.log we can see the following errors:

WARN  | WrapperSimpleAppMain     | 2021-06-15 09:02:19,031 | org.eclipse.jetty.xml.XmlConfiguration                           
      | 
java.lang.IllegalStateException: KeyStores with multiple certificates are not supported on the base class org.eclipse.jetty.util.ssl.SslContextFactory. (Use org.eclipse.jetty.util.ssl.SslContextFactory$Server or org.eclipse.jetty.util.ssl.SslContextFactory$Client instead)
 at org.eclipse.jetty.util.ssl.SslContextFactory.newSniX509ExtendedKeyManager(SslContextFactory.java:1283)
 at org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1265)
 at org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:372)
 at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:243)
 at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
 at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
 at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
 at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:97)
 at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
 at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
 at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
 at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:321)
 at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
 at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:234)
 at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
 at org.eclipse.jetty.server.Server.doStart(Server.java:401)
 at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
 at org.eclipse.jetty.xml.XmlConfiguration.lambda$main$3(XmlConfiguration.java:1907)
 at java.security.AccessController.doPrivileged(Native Method)
 at org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1857)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:498)
 at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
 at org.eclipse.jetty.start.Main.start(Main.java:491)
 at org.eclipse.jetty.start.Main.main(Main.java:77)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:498)
 at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:325)
 at java.lang.Thread.run(Thread.java:748)

Cannot access the NFA Web console directly.  However, you can access the NFA console via the NetOps Portal page

Release : 20.2

Component : NQRPTA - REPORTERANALYZER

The issue here was using the older version of the applyhttps script. 

The issue was the version of applyhttps script running was  older version and therefore not compatible with NFA 10.0.7.  After downloading and running the newer version of applyhttps script the issue was resolved and was able to start the failed service.  The latest version of applyhttps script is available here: 

https://knowledge.broadcom.com/external/article?articleId=213529