Replacing self signed certificate of Aria Operations with CA signed certificate using Aria suite lifecycle fails with error code: LCMVROPSYSTEM25000.

Inventory synchronization for VMware Aria Operations fails within Aria Suite Lifecycle following a custom signed certificate replacement outside of Aria suite lifecycle fails with same error code: LCMVROPSYSTEM25000.

• /var/log/vrlcm/vmware_vrlcm.log records the following exception:
  com.vmware.vrealize.lcm.plugin.common.vrops.exceptions.VropsAddressException: Not able to connect to VMware Aria Operations node.
• CURL requests to the Aria Operations CASA endpoint return a 401 Unauthorized status:
  curl -k -X POST "https://<IP_Address>/casa/authorize" -u 'admin'
• Retrying failed request with FQDN/IP address would result same exception and address invalid message in /var/log/vrlcm/vmware_vrlcm.log
address may be invalid FQDN/IP
• Confirm two-way ICMP reachability and bidirectional forward/reverse DNS resolution are operational.
• Validate certificate .pem file in Aria Operations using vropsCertificateTool.py
  $VMWARE_PYTHON_BIN /usr/lib/vmware-casa/bin/vropsCertificateTool.py -i /tmp/cert_chain.pem

VMware Aria Suite Lifecycle 8.18.x
VMware Aria Operations 8.18.x

This issue occurs due to a cryptographic protocol mismatch or restriction between Aria Suite Lifecycle and Aria Operations, which prevents a secure API handshake and authentication.

Enable FIPS in Aria suite lifecycle to fix the issue.

1. Log in to the VMware Aria Suite Lifecycle appliance UI.
2. From My Service dashboard, select Lifecycle Operations and then select Settings.
3. On the System Administration page, click System Details.
4. Activate FIPS Mode Compliance check box and then click UPDATE.
5. Retry inventory Sync or replacing SSL certificate with CA signed for the Aria Operations environment.

Reference: Activate or deactivate FIPS Mode Compliance in VMware Aria Suite Lifecycle