Unable to login to Aria Operations Admin UI after SSL certificate expiration
search cancel

Unable to login to Aria Operations Admin UI after SSL certificate expiration

book

Article ID: 433555

calendar_today

Updated On:

Products

VMware Aria Operations (formerly vRealize Operations) 8.x

Issue/Introduction

Following the expiration of an SSL certificate in VMware Aria Operations, attempts to log in to the Admin UI (https://<FQDN>/admin) may fail. The interface may exhibit the following symptoms:

  • The login page refreshes or remains static after entering credentials.
  • No "Invalid Credentials" or "Service Unavailable" errors are displayed.
  • The authentication appears to succeed but the user is not redirected to the dashboard.

Environment

VMware Aria Operations 8.18.x

Cause

This behavior is caused by stale browser cookies or cached session information that remains associated with the previous (now expired) SSL certificate. This conflict prevents the browser from establishing a valid administrative session

Resolution

To resolve this issue and replace the expired certificate, perform the following steps:

  1. Clear Browser Cache: Clear the cookies and temporary internet files for the browser being used. Alternatively, open the Admin UI in a private/incognito window. Or a different browser all together. 
  2. Login to Admin UI: Access the Admin UI at https://<Aria-Operations-FQDN>/admin using the local admin account.
  3. Take Cluster Offline: Navigate to the Cluster Management view and select Take Cluster Offline. Confirm that the cluster status reaches the "Offline" state.
  4. Upload New Certificate:
    • Click the SSL Certificate (lock) icon located in the top-right corner of the Admin UI.
    • Select Install New Certificate.
    • Upload the .pem certificate file. Ensure the file contains the full chain (Leaf, Intermediates, and Root) and the Private Key.
    • Click Install.
  5. Bring Cluster Online: Once the certificate update is confirmed across all cluster nodes, select Bring Cluster Online.

Additional Information

If the Admin UI remains inaccessible after clearing the cache, the certificate may need to be replaced via the Command Line Interface (CLI) or the API.

Powered by Wolken Software