Unable to change the Aria Operations certificate when it uses 4096 bits in the Aria Lifecycle manager
Article ID: 372870
Updated On:
Products
VMware Aria Suite
Issue/Introduction
Unable to change Aria Operations certificate using Aria Lifecycle Manager when certificate use a 4096 bit key
You may see following error in the Aria life cycle:
LCMVROPSYSTEM25016 Import certificate for VMware Aria Operations failed. Import certificate for VMware Aria Operations failed.
In Aria Lifecycle logs : /casa/cluster/security/postcert API call is failing,
2024-05-27 07:45:43.748 INFO [pool-3-thread-11] c.v.v.l.p.c.v.t.CertificateUpdateTask - -- response for certificate 500 : {"error_message_key":"general.failure","error_arguments":[],"error_message":""}
2024-05-27 07:45:43.748 ERROR [pool-3-thread-11] c.v.v.l.p.c.v.t.CertificateUpdateTask - -- Certificate on VMware Aria Operations failed.. giving a chance to the user to retry with new values...
2024-05-27 07:45:43.748 INFO [pool-3-thread-11] c.v.v.l.p.a.s.Task - -- Injecting task failure event. Error Code : 'LCMVROPSYSTEM25016', Retry : 'true', Causing Properties : '{ CAUSE :: skipTask === certificateChain === privateKey =KXKXKXKX }'
com.vmware.vrealize.lcm.plugin.common.vrops.exceptions.CertificateUpdateException: {"error_message_key":"general.failure","error_arguments":[],"error_message":""}
Environment
Aria Operations 8.16 and older versions.
Cause
This problem is only present when changing the Aria Operations certificate key to 4096 bit using Aria Lifecycle Manager. Manually adding certificate PEM with 4096 bit key to Aria Operations is not affected.
Resolution
This is resolved in Aria Operations 8.17.1 or later
Feedback
Yes
No
Powered by
