After a vCenter server's SSL certificate has been updated or renewed, Aria Automation (vRA) cloud accounts become "Unavailable for Deployment" or report "Image Synchronization failed.", or unable to search for vCenter Cluster in Workflows. Simultaneously, vCenter endpoints in Aria Orchestrator (vRO) show as "unusable" with SslException and CertificateValidationException errors, specifically: Server certificate chain is not trusted and thumbprint doesn't match. This indicates a loss of trust between Aria products and the vCenter server.

Aria Automation

Aria Orchestrator

vCenter Server

When the vCenter server's SSL certificate is changed, Aria Automation and Aria Orchestrator, which have previously accepted and trusted the old certificate, lose their secure connection to vCenter. They no longer recognize or trust the new certificate presented by vCenter. This breaks the SSL/TLS handshake, preventing any secure communication and leading to functional outages related to vCenter integration. Both Aria Automation's cloud accounts and Aria Orchestrator's vCenter endpoints must explicitly import and trust the new certificate to re-establish the connection.

Update the trust store in both Aria Automation and Aria Orchestrator for the new vCenter certificate.

A. For Aria Automation Cloud Account:

1. Log in to Aria Automation as an administrator.
2. Navigate to Infrastructure > Cloud Accounts.
3. Locate and select the vCenter Cloud Account that is showing issues.
4. Click the Edit button (pencil icon).
5. In the Cloud Account configuration window, re-enter the password for the vCenter connection.
6. Click the Validate button.
7. A certificate warning dialog will appear, indicating that the certificate has changed. Review the certificate details and click ACCEPT or YES to import the new certificate into Aria Automation's trust store.
8. Click SAVE to apply the changes to the Cloud Account.
9. If this doesn't resolve the cloud account.  Use steps in this KB318756 to update the cloud account with the new certificate.

B. For Aria Orchestrator vCenter Endpoint:

1. Log in to the Aria Orchestrator client (either the vRO Control Center or the vRO client/web interface).
2. Navigate to the Library tab (or equivalent, depending on vRO version) and then to Workflows.
3. Search for the built-in workflow: "Update a vCenter Server instance" (or similar, depending on vRO version and plugin). This workflow is typically found under Library > vCenter > Configuration.
4. Run this workflow, providing the necessary input parameters for your vCenter instance. This workflow will prompt you to accept the new vCenter certificate, thereby updating Aria Orchestrator's trust store.