Unable to collect execution logs from ROC when Secure Communications is enabled between NES and NAC.
When collecting the logs, an error is displayed (see the attached image).
The configuration from step 19 of the procedure for setting up Secure Communications is not always loaded correctly.
Step 19:
Open the RA_HOME\conf\security-customization.properties file that you created when securing UI communication, and add the following lines:
javax.net.ssl.trustStore=conf/custom-truststore.jks
javax.net.ssl.trustStorePassword=<plain text password for custom-truststore.jks>
You can resolve this in two ways.
Solution 1:
You can add the certificate from the NES to the Java default truststore, cacerts.
To do this, run keytool in the RA_HOME directory.
.\jre\bin\keytool -importcert -alias ra-nes1 -file nes1.crt -keystore jre/lib/security/cacerts -v -rfc
The default password for cacerts is changeit.
Solution 2:
Point the Java runtime used by Tomcat to the custom truststore, which contains the certificates from the NES, by adding the following
startup parameters to the RA_HOME/bin/catalina.sh file on Unix.
-Djavax.net.ssl.trustStore=conf/custom-truststore.jks
-Djavax.net.ssl.trustStorePassword=<truststore-password>
On Windows, add these options to the NolioServer settings in the registry using regedit:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Apache Software Foundation\Procrun 2.0\NolioServer20\Parameters\Java\Options
or run the following from the RA_HOME directory:
.\bin\Tomcat8 //US//NolioServer20 ++JvmOptions "-Djavax.net.ssl.trustStore=conf/custom-truststore.jks;-Djavax.net.ssl.trustStorePassword=<truststore-password>"
Restart the Nolio service.
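
To confirm which truststore a JVM started with these options actually resolves, and that it contains the NES certificate, a small check like the one below can be used. It is an added example, not part of the original procedure or the product; the class name TrustStoreCheck and its single argument (the NES certificate file, such as nes1.crt) are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;

// Added example (not product code). Run it from the same working directory and
// with the same -Djavax.net.ssl.* options that the Tomcat JVM is expected to use.
public class TrustStoreCheck {
    public static void main(String[] args) throws Exception {
        if (args.length != 1) {
            System.err.println("usage: java TrustStoreCheck <nes-cert-file>");
            System.exit(2);
        }
        // Resolve the truststore the way JSSE does: explicit property first,
        // then jssecacerts, then cacerts under java.home/lib/security.
        String prop = System.getProperty("javax.net.ssl.trustStore");
        Path dir = Paths.get(System.getProperty("java.home"), "lib", "security");
        Path fallback = Files.exists(dir.resolve("jssecacerts"))
                ? dir.resolve("jssecacerts") : dir.resolve("cacerts");
        Path store = (prop != null) ? Paths.get(prop) : fallback;
        System.out.println("javax.net.ssl.trustStore = " + prop);
        System.out.println("effective truststore     = " + store.toAbsolutePath());
        // A relative path such as conf/custom-truststore.jks depends on the working directory.
        if (!Files.isReadable(store)) {
            System.err.println("FAIL: truststore is not readable from this working directory");
            System.exit(1);
        }
        String pw = System.getProperty("javax.net.ssl.trustStorePassword", "changeit");
        String type = System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType());
        KeyStore ks = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(store.toFile())) {
            ks.load(in, pw.toCharArray()); // throws IOException if the password is wrong
        }
        Certificate nes;
        try (InputStream in = new FileInputStream(args[0])) {
            nes = CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        // Exact-match lookup only: returns null when this certificate is not an entry.
        String alias = ks.getCertificateAlias(nes);
        if (alias == null) {
            System.err.println("FAIL: certificate is not in the effective truststore");
            System.exit(1);
        }
        System.out.println("OK: certificate trusted under alias '" + alias + "'");
    }
}
```

Run it from RA_HOME with the same two -Djavax.net.ssl.trustStore and -Djavax.net.ssl.trustStorePassword options shown above; if the first output line prints null, the options did not reach the JVM and the default cacerts is in use.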