Unable to configure log forwarding to Operations for Logs in Aria Automation by using the vracli vrli set https://<operations for logs URL>:9543 because of SSL handshake timeout
search cancel

Unable to configure log forwarding to Operations for Logs in Aria Automation by using the vracli vrli set https://<operations for logs URL>:9543 because of SSL handshake timeout

book

Article ID: 378076

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

When attempting to use the following command, it times out with an SSL handshake timeout error.

vracli vrli set https://<operations for logs URL>:9543

...
requests.exceptions.ReadTimeout: HTTPSConnectionPool(host='<operations for logs URL>', port=9543): Read timed out. (read timeout=30)
2024-07-29 23:45:56,532 [ERROR] Exception while setting vRLI.
...
raise self.VerificationError("Server certificate validation failed")
vracli.commands.vrli.VRLICommands.VerificationError: Server certificate validation failed
Exception while setting vRLI. Server certificate validation failed

When running the openssl s_client command as below, it only shows it connects, but does not display certificate data:

openssl s_client -connect <operations for logs URL>:9543 -showcerts

CONNECTED(00000003)

<no certificate data>

The expected behavior is that it shows certificate data.

-----BEGIN CERTIFICATE-----
some certificate data
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
some certificate data
-----END CERTIFICATE-----

Environment

Aria Automation 8.x

Operations for Logs 8.x

No proxy is being used between the two.

Cause

This is caused by a firewall in between where TCP is not opened on port 9543.  The port itself might be allowed to pass data, but not over the TCP transport layer.

Resolution

Ensure there are no firewalls blocking TCP on port 9543.

If there are, open port 9543 on the firewall for TCP.

Additional Information

Powered by Wolken Software