Update Aria Operations for Logs agents to use new CA certificate
search cancel

Update Aria Operations for Logs agents to use new CA certificate

book

Article ID: 386897

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

When replacing your custom or CA certificate, your agents may need to be updated to accept the new certificate.

Environment

Aria Operations 8.14.x and newer.

Cause

When the agent is initialized, the default behavior is set to trust any certificate. Once the agent has established a trust relationship with the Aria Operations for Logs server, any subsequent certificate renewal will require updating the agent configuration.

 

Resolution

Option 1

Use the UI to edit the group configuration in Management > Agents:

More information can be found at Broadcom's VMware Aria Operations for Logs 8.18 documentation.

 

Option 2

On a Windows target system, go to C:\ProgramData\VMware\Log Insight Agent\

and edit liagent.ini to uncomment and/or add:

[server]
hostname=<FQDNorIPofPrimaryAOLNode>
proto=cfapi
ssl=yes
ssl_accept_any_trusted=yes

[update]
package_type=msi
auto_update=yes

 

Restart using the Service MMC snap-in.

 

On RHEL/CentOS/Fedora based linux, the configuration file is in /etc/liagent.ini

Uncomment the line or add the following using VIM or VI:

[server]
hostname=<FQDNorIPofPrimaryAOLNode>
proto=cfapi
ssl=yes
ssl_accept_any_trusted=yes

[update]
package_type=msi
auto_update=yes

Once saved, you will need to restart the agent:

 

systemctl restart liagentd

 

Powered by Wolken Software