The VMware Aria Operations for Logs Server rejects the connection with the VMware Aria Operations for Logs Agents when you try to send non-encrypted traffic.
You can configure a VMware Aria Operations for Logs Server to accept non-SSL connections or configure VMware Aria Operations for Logs Agents to send data through an SSL cfapi
protocol connection.
Problem
When you attempt to use cfapi
to send non-encrypted traffic, the VMware Aria Operations for Logs Server rejects your connection. One of the following error messages appears in the agent log: 403 Forbidden or 403 Only SSL connections are allowed.
Cause
VMware Aria Operations for Logs is configured to accept only SSL connections, but the VMware Aria Operations for Logs Agents are configured to use a non-SSL connection.
Solution
- Configure your VMware Aria Operations for Logs Server to accept a non-SSL connection.
- Expand the main menu and navigate to Configuration > SSL.
- Under the API Server SSL header, deselect Require SSL Connection.
- Click Save.
- Configure the VMware Aria Operations for Logs agent to send data through an SSL
Cfapi
protocol connection.- Navigate to the folder containing the liagent.ini file.
Operating system Path Linux /var/lib/loginsight-agent/ Windows %ProgramData%\VMware\Log Insight Agent - Open the liagent.ini file in any text editor.
- Change the value of the ssl key in the [server] section of the liagent.ini file to yes and the protocol to
cfapi
.proto=cfapi ssl=yes
- Save and close the liagent.ini file.
- Navigate to the folder containing the liagent.ini file.