Replace vRealize Business Standard 7.0 Self-Signed SSL Certificates. Business Management tab in vRA reports SSLHandshakeException.
- Business Management Tab in vRA reporting error Javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untrusted Certificate Chain
- vRA VAMI starts to report following services status as Blank
- vcbm-service (com.vmware.vcbm.vcbm)
- pricing-api (com.vmware.vcbm.pricing)
Did this in a vRA 7.1 – vRB 7.0 based simple deployment
Where I ran into a situation where vRA self signed certificate was already expired and both the above listed symptoms where being faced.
To get full resolution to this, I went ahead and began process of replacing certificates with steps listed below:
- take snapshot of vRA appliance and vRB appliance
- go to vRB appliance VAMI page
- under vRealize Automation tab in vRB VAMI, supply administrator password and click on Unregister button, let it come throw with a message that unregister is done successfully.
- Now, on Administration tab -> click on SSL
- Choose the Mode as Generate Self-signed certificate
- Supply common name: FQDN of vRB appliance
- Organization Name
- Organization Unit
- Country Code
- Click on Replace Certificate and wait for success message
- Go back into vRealize Automation tab, register vRA FQDN with name of the default tenant, administrator user and password associated with this account.
- This will indeed fix the service registration issues in vRA VAMI page, which was unregistered earlier.
- But Business Management tab will still continue to show SSLHandShakeError, to resolve this make sure you go in vRA SSH console and run command ‘service vcac-server restart’, give it about 10 to 15 minutes and check state of the services in vRA which should come out as Registered and Business Management tab is also looking OK.
Additional Reference: http://pubs.vmware.com/vrealizebusinessstd-7.0/topic/com.vmware.ICbase/PDF/vRealizeStd-Install-7.0.pdf