This knowledge base article helps to validate the custom certificates installed on an AON (Aria Operations for Networks) appliance using the CLI commands.

• VCF Aria Operations for Networks 6.13
• VCF Aria Operations for Networks 6.14.x

• Log in to the AON platform appliance CLI as consoleuser.
• Execute the following command to display the current server certificate details: custom-cert display
• Compare the output (Serial Number, Issuer, and Thumbprint) with the certificates provided by the certificate team.

To perform a deep validation of the full chain, log in to the AON platform appliance CLI as support.

• Navigate to the Nginx SSL Key store directory: cd /etc/nginx/ssl/
• Locate the certificate file vnera.com.crt
• View or copy the content of the certificate: cat /etc/nginx/ssl/vnera.com.crt
• (Optional) Save the content as a .cer or .crt file on a local workstation to inspect the Root and Intermediate CA layers using standard OS certificate viewers.
• Repeat these steps on all nodes in the cluster to ensure consistency.

Refer to How to install, renew and replace a custom (CA Signed) certificate on VCF Operations for Networks