Unable to update the Aria Operations web certificate using Aria Suite Lifecycle
Article ID: 325751
Updated On:
Products
VMware Aria Suite
Issue/Introduction
The purpose of this article is to explain how to renew the web certificate in Aria Operations and restore connectivity between Aria Operations and Aria Suite Lifecycle manager.
Symptoms:
Symptoms:
- Unable to apply/update the Aria Operations web certificate using Aria Suite Lifecycle due to the certificate having already expired.
- The Aria Operations cluster is unable to go ONLINE due to the expired certificate.
Environment
VMware Aria Operations 8.12.x
Cause
- The connectivity between Aria Suite Lifecycle and Aria Operations stops working due to the Aria Operations web certificate having expired.
- This prevents the Aria Suite Lifecycle appliance from renewing the Aria Operations certificate via its certificate renewal workflow.
Resolution
- Take a snapshot of the Aria Operations nodes.
- SSH to ALL of the Aria Operations nodes and login as the root account.
- Reload the default web certificate as per the steps outlined in KB2105229.
- unset -f pathprepend
- unset -f pathremove
- unset -f pathappend
- $VMWARE_PYTHON_BIN /usr/lib/vmware-casa/bin/activate_web_certificate.py DEFAULT
- $VMWARE_PYTHON_BIN /usr/lib/vmware-vcopssuite/utilities/bin/restartHttpd.py
- Repeat the above steps on ALL nodes before continuing to step 4.
- Take the Aria Operations cluster offline via the Admin UI.
- Bring the Aria Operations cluster online via the Admin UI and wait for the cluster to come fully online.
- Trigger an inventory sync from Aria Suite Lifecycle against the Aria Operations environment and verify the inventory sync completes.
- Download the new certificate from the LCM certificate page by selecting 'Download' from the context menu.
- Take the Aria Operations cluster offline via the Admin UI.
- Upload the new custom web certificate via the Aria Operations Admin UI
- This is done by logging in as the Admin user and clicking the certificate icon in the top right hand corner and selecting 'INSTALL A NEW CERTIFICATE' then browsing to the certificate PEM file and uploading it.
- Bring the Aria Operations cluster back online and wait for the cluster to come fully online.
- Trigger an inventory sync from Aria Suite Lifecycle against the Aria Operations environment and verify the inventory sync completes.
- Verify the certificate is listed as in use under the Aria Suite Lifecycle certificate page and view the listed environment and confirm it lists the Aria Operations environment.
Additional Information
Reload the default certificate in vRealize Operations
https://kb.vmware.com/s/article/2105229
Configure a Certificate For Use With vRealize Operations
https://kb.vmware.com/s/article/2046591
Impact/Risks:
Take snapshots of each of the vRealize Operations nodes before performing any maintenance activity.
See How to take a Snapshot for more information.
https://kb.vmware.com/s/article/2105229
Configure a Certificate For Use With vRealize Operations
https://kb.vmware.com/s/article/2046591
Impact/Risks:
Take snapshots of each of the vRealize Operations nodes before performing any maintenance activity.
See How to take a Snapshot for more information.
Feedback
Yes
No
Powered by
