Upload Signed custom Certificate in VMware Aria Operations for Logs 8.18
search cancel

Upload Signed custom Certificate in VMware Aria Operations for Logs 8.18

book

Article ID: 424443

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

Following https://knowledge.broadcom.com/external/article?legacyId=93768, after installing ssl certificate by custom-ssl-cerf script:

      /usr/lib/loginsight/application/sbin/custom-ssl-cerf
 
However validated the certificate is not the expected
      echo "" | keytool -list -keystore /usr/lib/loginsight/application/etc/3rd_config/keystore -rfc 2> /dev/null | openssl x509 -noout -enddate 

Environment

VMware Aria Operations for Logs 8.18.3

Cause

In VMware Aria Operations for Logs 8.18.3, the preferred and most reliable method for replacing SSL certificates is through the Web UI.

While the command-line script /usr/lib/loginsight/application/sbin/custom-ssl-cerf was historically used for emergencies (like when the UI is inaccessible due to an expired certificate), it has become less reliable in newer versions due to stricter validation requirements for the internal Cassandra database and cluster-wide synchronization.

Resolution

You can upload a signed SSL certificate from VMware Aria Operations for Logs UI.
1.Log in to the VMware Aria Operations for Logs UI.
2.Expand the main menu and navigate to Configuration > SSL.
3.Select Choose File and browse to the location of your custom SSL certificate and click Open.
4.Click Save.
5.Restart VMware Aria Operations for Logs.

Powered by Wolken Software