The purpose of this knowledge base article is to provide a solution to resolve the issue with trust store encryption changes introduced in FIPS enabled Aria Operations 8.12 and later.

Symptoms:
Following an upgrade to Aria Operations 8.12 or later, an error is displayed in Aria Operations when adding an SSL certificate (note: this example is specific forNetApp integration) but similar error is displayed for other solutions.

The error shows:

Unable to insert a Netapp SSL certificate .pem file

VMware Aria Operations 8.12.x and later with FIPS enabled.

Starting with Aria Operations 8.12 the trust store is now encrypted, and requires extra steps to a a certificate to the trust store. 

to resolve the issue:

1.first, you need a copy of:

truststore.helper.jar file (see attached)

2. Run the truststore_helper.jar file with the following:

java -jar truststore_helper.jar

3. Type Y, and type a friendly name. The name does not matter, but you should provide something descriptive of what the SSL certificate is for. 

4. type in the name and location of the SSL certificate pem file.

5. copy the response from the command above.

note: make sure the provider path reflects the correct version of the bc-fips.....jar file

6. Paste the command and hit enter

type yes.

you will also need to download an updated pack file for the TVS solution you need to update the trust store certificate for.

Impact/Risks:

Not having the solution SSL certificate in the trust store will impact all users. Impact includes:

1. Users will not be able to install ssl certificates for the solution from the GUI.

2. Aria Operations connectivity to the endpoint is not established

3. data collection is impacted