Configure vRO to accept BT Diamond default SSL cert


If using the default BT Diamond SSL certificate, your vRO server may not accept the certificate, resulting in failed connections from vRO to the BT Diamond API.


VMware vRealize Orchestrator security settings may restrict the SSL certificate acceptance

Affected Versions

  • vRO 7.x

Workaround or Solution


Adjust the vRO security settings.

To resolve this:

  1. SSH to the vRO appliance(s) as root
  2. cd to the java security directory

    cd /usr/java/jre-vmware/lib/security/
  3. Make a copy of the file

  4. Edit the file and search for and comment out the following lines:

    #jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
    #jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768
    #jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024
  5. Save the file
  6. Restart the vco-server service

 If you have multiple vRO servers, repeat the above steps on all of them, including the restart.

Additional information

For additional questions please open a support request at

Have more questions? Submit a request


Please sign in to leave a comment.