When attempting to add a new Node to an existing Aria Operations for Logs cluster, as a part of replacement of a corrupted node, errors similar to the below are seen on the new node:

io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed

...

Caused by: javax.net.ssl.SSLHandshakeException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed

       at sun.security.ssl.Alert.createSSLException(Unknown Source) ~[?:?]

       at sun.security.ssl.TransportContext.fatal(Unknown Source) ~[?:?]

       at sun.security.ssl.TransportContext.fatal(Unknown Source) ~[?:?]

The newly added node cannot recognize the existing certificate on the cluster, so a new certificate needs to be reinstalled for all nodes

1. Delete the abnormally added third node from the cluster.

2. Take a memory-free snapshot of the two normal nodes.

3. Replace the certificates of the normal nodes in sequence according to the following kb, and use nodetool-no-pass status to confirm the cluster status:

https://kb.vmware.com/s/article/93768?lang=en_US

4. Add a new node again