vRO 7 添加RestHost证书报错

报错类似的错误:

Cannot execute request: ; java.security.cert.CertificateException: Certificates does not conform to algorithm constraintsCertificates does not conform to algorithm constraints

Cannot execute request: DHPublicKey does not comply to algorithm constraints

 

Solution:

The java implementation on a vRA 7 appliance is no different, there are certain untrusted algorithms. Should you need to, you can enable them again.

  1. SSH to the vRA appliance using either the root account or an account capable of using sudo
  2. Navigate to the directory /usr/java/jre-vmware/lib/security
  3. Copy java.security to java.security.old (always take a backup!)
  4. Use vim to edit the java.security file
  5. Comment out the line jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
  6. Comment out the line jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768
  7. Save the file
  8. Restart the vRO service (service vco-server restart)
posted @ 2018-08-28 16:33  Vincen_shen  阅读(393)  评论(0编辑  收藏  举报