When attempting to add a product to usage meter, the product migth fail to add if it has a certificate signed by sectigo
Resolution: Import root certificates to the appliance java keystone.
* take a snapshot of the appliance
* ssh to usage meter appliance
* change user to root
* create or import the root certificate to the appliance
curl https://crt.sh/?d=1199354 > /home/usagemeter/root.crt
Note: if you have a different CA provider, replace the below with the path to download the root certificate or simply scp the certificate to the UM appliance.
import the certificates (run the command as it is if the root is placed in /home/usagemeter/root.crt
keytool -import -trustcacerts -file /home/usagemeter/root.crt -alias USERTRUST -keystore /usr/java/jre-vmware/lib/security/cacerts
Note: Default keystore password is
on successfull import, you should see
now, go ahead and add the product back in to usage meter:
Note: when adding vCD, Please ensure that you add the endpoint in the format https://FQDN, IE: https://vcd.ntitta.in
Troubleshooting (show fill certificate chain, check the validity of the last certificate. ):
openssl s_client -showcerts -connect vcsa.ntitta.lab:443