Understanding the main SSL functions can help you configure the VMware Aria Operations for Logs Agents accurately.

The VMware Aria Operations for Logs Agent stores certificates and uses them to verify the identity of the Cloud Proxy during all but the first connection to the Cloud Proxy. If the identity cannot be confirmed, the VMware Aria Operations for Logs Agent rejects the connection and writes an appropriate error message to the log. Certificates received by the agent are stored in the cert folder.
  • For Windows, go to C:\ProgramData\VMware\Log Insight Agent\cert.
  • For Linux, go to /var/lib/loginsight-agent/cert.
When the VMware Aria Operations for Logs Agent establishes a secure connection with the Cloud Proxy, the agent checks the certificate received from the Cloud Proxy for validity. The VMware Aria Operations for Logs Agent uses system-trusted root certificates.
  • The Linux agent loads trusted certificates from /etc/pki/tls/certs/ca-bundle.crt or /etc/ssl/certs/ca-certificates.crt.
  • The Windows agent uses system root certificates.

If the VMware Aria Operations for Logs Agent has a locally stored self-signed certificate and receives a different valid self-signed certificate with the same public key, the agent accepts the new certificate. This can happen when a self-signed certificate is regenerated using the same private key but with different details, such as a new expiration date. Otherwise, the connection is rejected.
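The same-public-key rule above can be checked before a regenerated self-signed certificate is put into service. The shell script below is an added example, not VMware code or the agent's own logic: it assumes the `openssl` CLI and PEM-encoded files. The function names, the `cloud-proxy.example` subject and the certificates it generates are constructed for illustration.

```shell
#!/bin/sh
# Added example (not agent code): would a regenerated self-signed certificate
# still match the public key of the copy the agent already stored?

# SHA-256 of the DER-encoded SubjectPublicKeyInfo of a PEM certificate.
spki_sha256() {
    openssl x509 -in "$1" -noout -pubkey |
        openssl pkey -pubin -outform DER |
        openssl dgst -sha256 -r | cut -d' ' -f1
}

# Succeeds when the certificate verifies against itself and is in date.
is_valid_self_signed() {
    openssl verify -CAfile "$1" "$1" >/dev/null 2>&1
}

# Models the rule in the text. $1 = stored cert, $2 = presented cert.
would_accept() {
    is_valid_self_signed "$2" || return 1
    stored=$(spki_sha256 "$1")
    [ -n "$stored" ] && [ "$stored" = "$(spki_sha256 "$2")" ]
}

# Constructed sample data: two keys, three self-signed certificates in dir $1.
make_samples() {
    subj="/CN=cloud-proxy.example"   # hypothetical name
    openssl ecparam -name prime256v1 -genkey -noout -out "$1/key_a.pem" &&
    openssl ecparam -name prime256v1 -genkey -noout -out "$1/key_b.pem" &&
    openssl req -x509 -new -key "$1/key_a.pem" -subj "$subj" -days 30 -out "$1/stored.pem" &&
    openssl req -x509 -new -key "$1/key_a.pem" -subj "$subj" -days 365 -out "$1/regenerated.pem" &&
    openssl req -x509 -new -key "$1/key_b.pem" -subj "$subj" -days 365 -out "$1/rekeyed.pem"
}

demo() {
    dir=$(mktemp -d) || return 1
    make_samples "$dir" 2>/dev/null || { rm -rf "$dir"; return 1; }
    for c in regenerated rekeyed; do
        if would_accept "$dir/stored.pem" "$dir/$c.pem"; then
            echo "$c.pem: same public key as stored.pem, accepted"
        else
            echo "$c.pem: rejected"
        fi
    done
    rm -rf "$dir"
}
demo
```

To compare real files, call `would_accept` with the certificate copied from the agent's cert folder as the first argument and the regenerated certificate as the second.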