Whitelabel Error page is encountered when attempting to login to Aria Automation 8.x
search cancel

Whitelabel Error page is encountered when attempting to login to Aria Automation 8.x

book

Article ID: 325874

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Symptoms:
  • provisioning-service-app logs contain messages similar to 
    SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target


Environment

VMware vRealize Automation 8.x

Cause

Aria Lifecycle installs two identical certificates when deploying Aria Automation, one for ingress and one for load-balancer. When the certificate expires or is renewed, it is only updated for the ingress while the one assigned to the load-balancer remains the old certificate.

Resolution

VMware is aware of this issue and a fix is being considered for inclusion in a later release.

See the Workaround section below for additional information.

Workaround:

Prerequisites

  • Please take simultaneous non-memory snapshots of each virtual appliance(s) in the cluster.
  • You have access to root user and password
  • You have SSH or console access to each virtual appliance.

Procedure

  1. SSH / PuTTy into one vRA virtual appliance in the cluster
  2. Run the following command to check the current load-balancer certificate: 
    vracli certificate load-balancer --list
  3. If the command from Step # 2 returns some certificate information, perform the following to correct the load-balancer certificate.
    1. Run the same command to store the current certificate data: 
      vracli certificate load-balancer --list > /usr/current_cert.pem
    2. Delete the certificate information: 
      vracli certificate load-balancer --delete
    3. Redeploy services: 
      /opt/scripts/deploy.sh


Additional Information

Impact/Risks:
Active Directory or LDAP logins fail but local logins work.

Powered by Wolken Software