Logo

Configure vRO to accept BT Diamond default SSL cert

Problem 

If using the default BT Diamond SSL certificate, your vRO server may not accept the certificate, resulting in failed connections from vRO to the BT Diamond API.


Cause

VMware vRealize Orchestrator security settings may restrict the SSL certificate acceptance


Affected Versions

  • vRO 7.x


Workaround or Solution

Overview

Adjust the vRO security settings.


To resolve this:


  1. SSH to the vRO appliance(s) as root

  2. cd to the java security directory

    cd /usr/java/jre-vmware/lib/security/

  3. Make a copy of the java.security file

    cp java.security java.security.orig

  4. Edit the java.security file and search for and comment out the following lines:

    #jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
#jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768
#jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024
  5. Save the java.security file
  6. Restart the vco-server service





NOTE:  If you have multiple vRO servers, repeat the above steps on all of them, including the restart.


Additional information


For additional questions please open a support request at support.sovlabs.com



Bolty McBoltFace -
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.