vRealize Operations integration in Skyline fails due to invalid certificate
Article ID: 315978
Updated On:
Products
VMware Aria Suite
Issue/Introduction
Symptoms:
- Attempting to integrate vRealize Operations with Skyline results in the following error:
Certificate has expired Please try a different configuration.
Environment
VMware vRealize Operations 8.0.x
VMware vRealize Operations 8.1.x
VMware vRealize Operations 8.1.x
Cause
This issue occurs after Skyline has auto updated. Later versions of Skyline enforce a valid certificate chain. Within the PEM file for vRealize Operations there are multiple certificates and if any old certs are present, this will cause Skyline to reject the integration.
Resolution
To resolve this issue, remove the old certificates from vRealize Operations.
- Log into the Primary node as root via SSH or Console, pressing ALT+F1 in a Console to log in.
- Run this command to backup the cacert.pem file:
cp /data/vcops/user/conf/ssl/cacert.pem /data/vcops/user/conf/ssl/cacert.pem.bak
- Open /data/vcops/user/conf/ssl/cacert.pem in a text editor.
- Remove the last two certificates in this file. The certificates are noted with -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- at the beginning and end of the certificate, respectively.
Note: This may only leave one cert in the chain; this is to be expected.
- Save the file and exit
- Restart the web services by running the following command:
vRealize Operations 7.x
service apache2 restart
vRealize Operations 8.x
service httpd restart
service apache2 restart
vRealize Operations 8.x
service httpd restart
- Repeat steps 1-5 on all nodes in the vRealize Operations cluster.
Feedback
Yes
No
Powered by
