How to check the SSL certificate expiration date on Aria Operations for Logs Web UI as well as CLI

Article ID: 416562

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction


Aria Operations for Logs appliances use an SSL certificate that must be renewed before it expires.
This article explains how to check the expiration date from the Aria Operations for Logs Web UI as well as from the CLI.

Environment

Aria Operations for Logs 8.18.x

Resolution

UI method:

1. Log in to Aria Operations for Logs Web UI as admin user
2. Click [Configuration] > [SSL] in the menu pane on the left side

3. Click [VIEW DETAILS...] to display the certificate details, and check the expiration date under "Validity period:" 

Command Line method:

1. Log in to Aria Operations for Logs through the Console or SSH as root user
2. Run the following command:

Non-FIPS enabled clusters 

echo "" | keytool -list -keystore /usr/lib/loginsight/application/etc/3rd_config/keystore -rfc 2> /dev/null | openssl x509 -noout -enddate

FIPS enabled clusters

/opt/vmware/bin/keytool-no-provider -list -keystore /usr/lib/loginsight/application/3rd_party/apache-tomcat/conf/keystore.bcfks -storepass $(/usr/lib/loginsight/application/sbin/fips.sh --keystore_password) -rfc 2>/dev/null | openssl x509 -noout -enddate
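
The commands above print a single line such as `notAfter=Jun  1 12:00:00 2026 GMT`. The following added example (not part of the original article and not vendor code) turns that line into a status suitable for a scheduled check. The function names, the 30-day default warning window and the exit codes are assumptions of this example, and it relies on GNU `date -d`.

```shell
# Added example: classify the "notAfter=" line printed by the article's
# keytool | openssl pipeline. Names, threshold and exit codes are assumptions.
# Usage: <command from the article> | cert_expiry_status 30

# Print seconds until expiry (negative once the certificate has expired).
# stdin: openssl output, e.g. "notAfter=Jun  1 12:00:00 2026 GMT"
# $1:    optional "now" in epoch seconds (defaults to the current time)
cert_seconds_left() {
    csl_now="${1:-$(date +%s)}"
    # An empty or failed keytool run produces no notAfter= line at all;
    # treat that as an error instead of silently reporting nothing.
    csl_line=$(grep -m1 '^notAfter=') || {
        echo "no notAfter= line on stdin" >&2
        return 3
    }
    # GNU date parses the openssl timestamp format directly.
    csl_end=$(date -u -d "${csl_line#notAfter=}" +%s) || return 3
    echo $(( csl_end - csl_now ))
}

# Exit status: 0 = valid beyond the warning window, 1 = expires within
# $1 days, 2 = already expired, 3 = input could not be parsed.
# $1: warning window in days (default 30), $2: optional "now" in epoch seconds
cert_expiry_status() {
    ces_warn="${1:-30}"
    ces_now="${2:-$(date +%s)}"
    ces_left=$(cert_seconds_left "$ces_now") || return 3
    if [ "$ces_left" -le 0 ]; then
        echo "EXPIRED $(( (0 - ces_left) / 86400 )) day(s) ago"
        return 2
    elif [ "$ces_left" -lt $(( ces_warn * 86400 )) ]; then
        echo "WARNING: expires in $(( ces_left / 86400 )) day(s)"
        return 1
    fi
    echo "OK: $(( ces_left / 86400 )) day(s) remaining"
}
```
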

Additional Information

Aria Operations for Logs UI running in FIPS mode is not accessible after SSL certificate expired

If you are unsure whether or not your cluster is FIPS enabled, and do not have access to the UI to verify:

  1. Log in as root to any Aria Operations for Logs node in your cluster via SSH

  2. Run the following command to check the FIPS status of each component and confirm whether the cluster is FIPS enabled.

    /usr/lib/loginsight/application/sbin/fips.sh --all --status
    
    FIPS mode check for all components.
    Photon FIPS mode: activated
    BouncyCastleFipsProvider in FIPS mode: on
    BouncyCastelJsseProvider in FIPS mode: on
    java.security keystore.type FIPS mode: on
    java.security KeyManagerFactory.algorithm type FIPS mode: on
    loginsight approved_only FIPS mode: activated
    Apache Tomcat approved_only FIPS mode: activated
    Apache Tomcat FIPS mode: on
    Cassandra FIPS node: on
    Internal config. fips-enabled = true