• Usage Meter 4.8 UI displays Warning " Failed to process journal=>read
• /opt/vmware/cloudusagemetering/var/logs/gw_main.log indicate :

          org.bouncycastle.tls.TlsFatalAlert: certificate_unknown(46)
        at org.bouncycastle.jsse.provider.ProvSSLSocketWrap.checkServerTrusted(ProvSSLSocketWrap.java:131)
        at org.bouncycastle.jsse.provider.ProvTlsClient$1.notifyServerCertificate(ProvTlsClient.java:377)
        at org.bouncycastle.tls.TlsUtils.processServerCertificate(TlsUtils.java:4849)
        Caused by: java.security.cert.CertificateException: TrustAnchor found but certificate validation failed.
        at org.bouncycastle.jsse.provider.ProvX509TrustManager.validateChain(ProvX509TrustManager.java:318)
        at org.bouncycastle.jsse.provider.ProvX509TrustManager.checkTrusted(ProvX509TrustManager.java:273)
        at org.bouncycastle.jsse.provider.ProvX509TrustManager.checkServerTrusted(ProvX509TrustManager.java:182)
        at org.bouncycastle.jsse.provider.ProvSSLSocketWrap.checkServerTrusted(ProvSSLSocketWrap.java:127)
        ... 46 common frames omitted
        Caused by: java.security.SignatureException: certificate does not verify with supplied key
        at org.bouncycastle.jcajce.provider.X509CertificateObject.checkSignature(Unknown Source)

• While renewing Usage Meter certificate, below error is observed :

VMware Usage Meter 4.8

This happens due to permission issue with the key.pem file.

In order to resolve the issue, the root permission of Key.pem file needs to be changed to usage meter.

• Take snapshot of Usage Meter VM
• Navigate to directory : /opt/vmware/cloudusagemetering/platform/security/
• Change the permission of key.pem file using command : chown usagemeter:usagemeter key.pem
• Retry the Certificate Renewal Process