Error "403 Forbidden" or "403 Only SSL connections are allowed" While Forwarding Logs from Aria Operations to Aria Operations for Logs
search cancel

Error "403 Forbidden" or "403 Only SSL connections are allowed" While Forwarding Logs from Aria Operations to Aria Operations for Logs

book

Article ID: 403180

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

  • Aria Operations is unable to forward logs to Aria Operations for Logs when configured with the CFAPI protocol, encountering SSL errors

  • The following errors will be seen in the /var/log/loginsight-agent/liagent_date_number.log file:

    • 2025-07-03 23:38:06.032081 <warng> CurlConnection:181 | Status response code from www.example.com : 403 Only SSL connections are allowed

    • 2025-07-03 23:38:06.032202 <trace> CFApiTransportB:155| Connection was lost

    • 2025-07-03 23:38:06.032215 <trace> CFApiTransport:108 | Postponing connection to www.example.com:9000 by 30 sec.

  • The Certificate related error can also be seen in the /var/log/loginsight-agent/liagent_date_number.log file:

    • Cannot set root CA bundle <Certificate File Path>. File doesn't exist or access is denied.

Environment

  • Aria Operations 8.x

Cause

  • The primary cause was an initial attempt to forward logs from Aria Operations using the CFAPI protocol without SSL (port 9000), while Aria Logs was configured to accept only SSL connections

  • When switched to SSL (port 9543), the log forwarding failed due to an inability to locate or access the root CA bundle for certificate validation

Resolution

Steps to address SSL Connection issues:

  • To resolve SSL connection issues, refer to page 109 of the following document: VMware Aria Operations for Logs 8.18 PDF

  • Alternatively, enable SSL for CFAPI in Aria Operations > Administration > Control Panel > Log Forwarding by checking the “Use SSL” option. This uses port 9453

 

Steps to address SSL Certificate Validation errors:

  • For SSL certificate validation errors, verify that the Path to Certificate Authority file in Aria Operations > Administration > Control Panel > Log Forwarding > Path to Certificate Authority file section is accurate and accessible

  • If required, SSL certificate validation can be bypassed by adding the line ssl_accept_any=yes to the /etc/liagent.ini file on the Aria Operations for Logs appliance

 

Note: Using ssl_accept_any=yes is suitable for trusted internal environments but should be avoided in production if proper certificates are available

Powered by Wolken Software