After certificate replacement, logs are not sent from the Aria Automation instance to Aria Operations for Logs
search cancel

After certificate replacement, logs are not sent from the Aria Automation instance to Aria Operations for Logs

book

Article ID: 434104

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

  • After replacing the SSL certificate on your VMware Aria Operations for Logs server, you may observe that VMware Aria Automation instances stop sending logs.
  • Attempts to manually update the liagent.ini file on the Aria Automation appliance to restore connectivity do not persist, and log forwarding remains broken.

Environment

VMware Aria Operations for Logs 8.18.x

VMware Aria Automation 8.18.x

Cause

The VMware Aria Automation appliance retains the old certificate trust and connection state. The connection state must be updated at the system level using the 'vracli' utility to establish trust with the new certificate.

Resolution

To resolve this issue, you must unset and re-set the logging endpoint on the VMware Aria Automation appliance.

  1. Connect to the VMware Aria Automation appliance via SSH.

  2. Run the following command to unset the current logging endpoint:

    • vracli vrli unset
  3. Run the following command to configure the endpoint and accept the newly applied certificate;
    • vracli vrli set https://<Ops_for_Logs_FQDN>:9543

Additional Information

If your environment requires accepting any SSL certificate without strict validation, you can append the insecure flag;

  • vracli vrli set https://<Ops_for_Logs_FQDN>:9543 --insecure
Powered by Wolken Software