The Aria Operations for Logs admin password is locked and attempting to check the status from the command line fails:

• Running the check status or reset commands (e.g., li-reset-admin-passwd.sh --checkAdminStatus or li-reset-admin-password.sh --resetAdminPassword) fail with the error indicating a database communication issue: FAILED: Unable to get user data. Possible cassandra is down.
• Running cqlsh-no-pass returns an error: Tried connecting to [('loopback', 9042)]. Last error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate

Aria Operations for Logs 8.18.x

The custom SSL certificate applied to the Aria Operations for Logs user interface is missing the clientAuth x509v3 extended key usage extension. This missing configuration prevents the Cassandra database from properly authenticating the certificate for internal communication, causing the password utility scripts to fail.

To temporarily resolve the underlying communication issue and reset the admin password, follow these steps:

1. Log into the Aria Operations for Logs node as root via SSH or the vSphere Console.
2. Temporarily disable certificate validation by running this command to update the cqlshrc configuration file: sed -i 's/validate = true/validate = false/' /storage/core/loginsight/cidata/cassandra/config/cqlshrc
3. Run the following command to reset the admin password: /usr/lib/loginsight/application/sbin/li-reset-admin-password.sh --resetAdminPassword <NewPassword>

The change to cqlshrc will not persist between reboots. Refer to After installing a custom SSL certificate, you receive an error when checking the status of the admin account password: FAILED: Unable to get user data. Possible Cassandra is down. for a permanent resolution.