VMware Aria Orchestrator server is not accessible after updating the authentication vCenter Certificate.
search cancel

VMware Aria Orchestrator server is not accessible after updating the authentication vCenter Certificate.

book

Article ID: 386631

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Symptoms:

  • vco-app pods are stuck at 2/3 containers (or 1/2 in 8.18.x) according to kubectl -n prelude get pods
  • This means the main Orchestrator GUI does not load and it can't be used for any vRO tasks
  • The vCenter Server which authenticates Orchestrator has recently had its SSL certificate replaced
  • The main Orchestrator log shows an SSL cert error (/services-logs/prelude/vco-app/file-logs/vco-server-app.log) such as:
javax.net.ssl.SSLHandshakeException: Certificate is not in CA store or is invalid.
 ... Failed to instantiate ...
 ERROR vco [...] {} com.vmware.o11n.service.spring.bootstrap.ServiceBootstrap - Application context initialization failed!

 

Environment

  • VMware Aria Automation Orchestrator 8.x

Cause

  • The new certificate for the authenticating vCenter Server is not added to the vRO trust store

Resolution

Add the new vCenter certificate to the Orchestrator trust store following steps in the documentation.

Powered by Wolken Software