Configure vRO to accept BT Diamond default SSL cert

If using the default BT Diamond SSL certificate, your vRO server may not accept the certificate, resulting in failed connections from vRO to the BT Diamond API.

To resolve this:

1. SSH to the vRO appliance(s) as root

2. cd to the java security directory

# cd /usr/java/jre-vmware/lib/security/

3. Make a copy of the java.security file

# cp java.security java.security.orig

4. edit the java.security file and search for and comment out the following lines:

#jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024

#jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768

#jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024

5. save the java.security file

6. restart the vco-server service

NOTE: If you have multiple vRO servers, repeat the above steps on all of them, including the restart.

Configure vRO to accept BT Diamond default SSL cert

Recommended Reading

Connect ALL the things! Webhooks for the win.

Three ways to prevent IT complexity from hindering cloud computing

Control the Clouds & Impress Your Stars