Importing a new certificate in the vRA VAMI resets embedded vRO authentication settings to Default
book
Article ID: 328130
calendar_today
Updated On:
Products
VMware Aria Suite
Issue/Introduction
Symptoms:
You are using vRealize Automation embedded vRO for XaaS and Orchestration.
You have applied new certificates to the vRA appliance through the VAMI page as described in the Replace Certificates in the vRealize Automation appliance section of the vRealize Automation 7.2 documentation.
You are seeing errors while trying to access XaaS objects in the vRA portal for certain users after applying the new certificate.
Logging into the vRO control center and navigating to Configure Authentication Provider, you see that they are back to default settings with vsphere.local\vcoadmins as the vRO Admin group and vsphere.local as the tenant.
Cause
This issue occurs because, when updating certificates on the vRA VAMI, the embedded vRO reconfigures to be aware of the new certificate. This will revert the com.vmware.o11n.sso.admin.group.name and com.vmware.o11n.sso.admin.group.domain settings in /etc/vco/app-server/sso.properties to the default settings.
Resolution
This issue is resolved in VMware vRealize Automation 7.4, available at VMware Downloads.
To resolve this issue, you should manually re-apply the previous settings:
Log in to the vRealize Orchestrator Control Center. For more information, see Log in to the vRealize Orchestrator Configuration Interface section of vRealize Automation 7.2 documentation.
Navigate to Configure Authentication Provider and select.
Click the Admin Group field and type the name of the group that was previously used for the administrative group.
Click Change next to that field.
If you need to update the Tenant field, edit the field to the appropriate tenant and click Change next to that field.
Click Save Settings at the bottom of the page.
If the above procedure fails to save or you have issues recovering your settings, please open a case with VMware Global Support Services to assist further. For more information, see Filing a Support Request in Customer Connect (2006985).
Additional Information
Impact/Risks: VMware strongly recommends taking a snapshot or backing up your system at appropriate intervals to provide stable options to revert changes.