Replacing vRealize Business Standard 7.x SSL Certificates
search cancel

Replacing vRealize Business Standard 7.x SSL Certificates

book

Article ID: 319603

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Symptoms:
  • Business Management tab in vRA reports the error:

    Javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untrusted Certificate Chain
     
  • vRA VAMI reports that these services status are Blank:

    vcbm-service (com.vmware.vcbm.vcbm)
    pricing-api (com.vmware.vcbm.pricing)
  • Unable to load Business Management TAB in vRA mode


Environment

VMware vRealize Business Standard 7.x

Cause

This issue occurs due to the invalid vRealize Business Standard Self Signed certificates.

Note: vRealize Business Standard Self Signed certificates by default are valid for 1 year from the issue date. In CA signed certificates, it depends upon issuing authority

Resolution

To resolve this issue, validate if vRealize Business SSL certificates are valid or invalid.

If vRealize Business SSL certificates are invalid, replace them with Self Signed certificates.

Validating vRealize Business SSL certificates
  1. Under vRealize Business Standard VAMI page, go to Administration tab > SSL.
  2. Check the validity of the SSL Certificate.

    If certificate is expired, it can lead to issues like non availability of Business Management tab.
 
Replacing vRealize Business SSL certificates with Self Signed certificates

 

  1. Take snapshot of vRA appliance(s) and vRB appliance.
  2. Go to vRB appliance VAMI page.
  3. Under vRealize Automation tab in vRB VAMI, enter the administrator password and click Unregister.

    You see the message that unregister is done successfully.
     
  4. Click Administration tab > SSL.
  5. Select the following:
    • Mode: Generate Self-signed certificate
    • Supply common name: FQDN of vRB appliance
    • Organization Name
    • Organization Unit
    • Country Code
       
  6. Click Replace Certificate and wait for success message
  7. Go to vRealize Automation tab, register vRA FQDN with name of the default tenant, administrator user and password associated with this account.
  8. This fixes the service registration issues in vRA VAMI page, which was unregistered earlier.
  9. Go to vRA SSH console and run command:

    service vcac-server restart

    Wait for 10 to 15 minutes and check state of the services in vRA which should come out as Registered and Business Management tab error gets resolved.
Note: If you have PEM encoded certificate, in step 5, select Import PEM Encoded Certificate and proceed with copy paste of Certificate value for RSA private key and PEM file.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 



Powered by Wolken Software