Whitelabel Error page is encountered when attempting to login to Aria Automation 8.x
book
Article ID: 325874
calendar_today
Updated On:
Products
VMware Aria Suite
Issue/Introduction
Symptoms:
provisioning-service-app logs contain messages similar to
SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Environment
VMware vRealize Automation 8.x
Cause
Aria Lifecycle installs two identical certificates when deploying Aria Automation, one for ingress and one for load-balancer. When the certificate expires or is renewed, it is only updated for the ingress while the one assigned to the load-balancer remains the old certificate.
Resolution
VMware is aware of this issue and a fix is being considered for inclusion in a later release.
See the Workaround section below for additional information.
Workaround:
Prerequisites
Please take simultaneous non-memory snapshots of each virtual appliance(s) in the cluster.
You have access to root user and password
You have SSH or console access to each virtual appliance.
Procedure
SSH / PuTTy into one vRA virtual appliance in the cluster
Run the following command to check the current load-balancer certificate:
vracli certificate load-balancer --list
If the command from Step # 2 returns some certificate information, perform the following to correct the load-balancer certificate.
Run the same command to store the current certificate data: