If using the default BT Diamond SSL certificate, your vRO server may not accept the certificate, resulting in failed connections from vRO to the BT Diamond API.


To resolve this:


       1.  SSH to the vRO appliance(s) as root

       2.  cd to the java security directory 

            # cd /usr/java/jre-vmware/lib/security/

       3. Make a copy of the java.security file

            # cp java.security java.security.orig

       4. edit the java.security file and search for and comment out the following lines:


#jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024


#jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768


#jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024

      5.  save the java.security file


      6.  restart the vco-server service


NOTE:  If you have multiple vRO servers, repeat the above steps on all of them, including the restart.

Recommended Reading