ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Sslconfig Validation fails with error referencing ietty.sslContext settings in ssl.ini

book

Article ID: 239964

calendar_today

Updated On:

Products

DX NetOps CA Performance Management - Usage and Administration

Issue/Introduction

Sslconfig Validation fails with the following error:

Critical: The path to the key store or trust store is incorrect in /opt/CA/PerformanceCenter/PC/start.d/ssl.ini
                        Ensure that the jetty.sslContext settings in the Performance Center ssl.ini file match the values used to import your SSL certificate

 

 

Cause

Symptom: SslConfig fails Health Check with "IllegalStateException: KeyStores with multiple certificates are not supported" when a certificate containing multiple SAN entries is used.
Resolution: With this fix, The SslConfig utility's Health Check passes/supports certificates that contain multiple SAN entries.
(21.2.1, DE497559)

Environment

Release : 20.2

Component :  NetOps Portal web server

Resolution

The certificate has multiple SANs and is < 21.2.1 therefore the error is benign and fixed 21.2.1 and later