Unable to start the Data Aggregator after an upgrade
Data Aggregator shows as failed after an upgrade
The certificate used on the Data Aggregator (DA) is configured to use multiple Subject Alternative Names (SAN)
REST calls fail with no response when configured for https, but succeed when reverted to http.
The following error is shown in the karaf.log:
Could not start the servlet context for context path 
java.lang.IllegalStateException: KeyStores with multiple certificates are not supported on the base class org.eclipse.jetty.util.ssl.SslContextFactory. (Use org.eclipse.jetty.util.ssl.SslContextFactory$Server or org.eclipse.jetty.util.ssl.SslContextFactory$Client instead)
Release : 21.2.3+
Component : PMAGGR
The newly required $Server parameter is missing. This is required when using a Data Aggregator with HTTPS and have multiple Subject Alternative Name ( SAN ) entries
This issue has been fixed in DX Netops 21.2.7 and later:
Symptom: When using a HTTPS certificate with multiple Subject Alternate Name entries with the data Aaggregator, an exception is thrown with the following message: KeyStores with multiple certificates are not supported on the base class org.eclipse.jetty.util.ssl.SslContextFactory.
Resolution: With this fix, the jetty XML has been upgraded, and now uses the org.eclipse.jetty.util.ssl.SslContextFactory$Server class that supports multiple Subject Alternate Name entries in the certificate.
(21.2.7, DE524843, 32973477)
WORKAROUND for versions 21.2.3->21.2.6:
Note: This will need to be accomplished on BOTH Data Aggregators if using Fault Tolerance
1. Edit /opt/IMDataAggregator/apache-karaf-*/etc/jetty.xml
2. Change this entry:
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
3. Restart the dadaemon process either by systemctl or forcing a failover if using fault tolerance