Unable to update REST host with custom port 8443 in VMware Aria Automation Orchestrator (Formely known as vRealize Orchestrator)
search cancel

Unable to update REST host with custom port 8443 in VMware Aria Automation Orchestrator (Formely known as vRealize Orchestrator)

book

Article ID: 322686

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Symptoms:

When adding or updating an endpoint for a plugin in VMware Aria Automation Orchestrator, the user is getting a certificate-related error, however, the certificate details, seen in the logs seem to be valid.

The log display only the first certificate in the chain, however, some of the other certificates in the certificate chain provided by the endpoint are expired.

VMware is aware of this issue and will be fixed a on future release. 


Environment

VMware vRealize Orchestrator 8.x

Cause

The log display only the first certificate in the chain, however, some of the other certificates in the certificate chain provided by the endpoint are expired.

Resolution

  1. SSH the Automation Orchestrator appliance (in case of cluster ssh to any of the nodes) and check the connection and the certificates of the endpoint using the following command:
openssl s_client -showcerts -connect ID1:ID2

Where:

  • ID1: FQDN of the rest host.
  • ID2: port, in this case, 8443.
  1. This will display the certificates in the chain, and check all certificates in the chain.
  2. ​​​​​ Fix any certificate that is invalid in the chain. 


Additional Information

Impact/Risks:

No impact to the Automation Orchestrator Appliance.