Understanding the main SSL functions can help you configure the VMware Aria Operations for Logs Agents accurately.
The VMware Aria Operations for Logs Agent stores certificates and uses them to verify the identity of the Cloud Proxy during all but the first connection to the Cloud Proxy. If the identity cannot be confirmed, the VMware Aria Operations for Logs Agent rejects the connection and writes an appropriate error message to the log. Certificates received by the agent are stored in the cert folder.
- For Windows, go to C:\ProgramData\VMware\Log Insight Agent\cert.
- For Linux, go to /var/lib/loginsight-agent/cert.
When the VMware Aria Operations for Logs Agent establishes a secure connection with the Cloud Proxy, the agent checks the certificate received from the Cloud Proxy for validity. The VMware Aria Operations for Logs Agent uses system-trusted root certificates.
- The Linux agent loads trusted certificates from /etc/pki/tls/certs/ca-bundle.crt or /etc/ssl/certs/ca-certificates.crt.
- The Windows agent uses system root certificates.
If the VMware Aria Operations for Logs Agent has a locally stored self-signed certificate and receives a different valid self-signed certificate with the same public key, the agent accepts the new certificate. This can happen when a self-signed certificate is regenerated using the same private key but with different details, such as a new expiration date. Otherwise, the connection is rejected.
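
To check ahead of time whether a regenerated self-signed certificate falls under this rule, the following shell sketch (an added example, not VMware code) compares the SHA-256 of the public key in two PEM files with openssl. The function names, the sample CN and the file names are assumptions made for the illustration; it models only the self-signed case described above and treats "valid" as "not expired".

```shell
#!/bin/sh
# Added example, not VMware code: does a regenerated self-signed certificate
# keep the public key of the copy the agent already stores?

# SHA-256 over the DER-encoded public key (SubjectPublicKeyInfo) of a PEM cert.
spki_sha256() {
    openssl x509 -in "$1" -noout -pubkey 2>/dev/null |
        openssl pkey -pubin -outform DER 2>/dev/null |
        openssl dgst -sha256 | awk '{print $NF}'
}

# Name check only: subject equals issuer. Fails on unreadable input.
is_self_signed() {
    s=$(openssl x509 -in "$1" -noout -subject_hash 2>/dev/null) || return 1
    i=$(openssl x509 -in "$1" -noout -issuer_hash 2>/dev/null) || return 1
    [ -n "$s" ] && [ "$s" = "$i" ]
}

# Models the rule stated in the text for the self-signed case only.
# Assumption: "valid" is approximated as "not expired" (-checkend 0).
predict_agent_decision() {   # $1 = stored cert, $2 = newly presented cert
    if is_self_signed "$1" && is_self_signed "$2" &&
       openssl x509 -in "$2" -noout -checkend 0 >/dev/null 2>&1 &&
       [ "$(spki_sha256 "$1")" = "$(spki_sha256 "$2")" ]; then
        echo accept
    else
        echo reject
    fi
}

# Constructed sample data (made-up CN and file names): one key reused for two
# certificates with different lifetimes, plus a certificate on a fresh key.
make_samples() {   # $1 = output directory
    subj="/CN=proxy.example.test"
    openssl genrsa -out "$1/key.pem" 2048 2>/dev/null
    openssl req -x509 -new -key "$1/key.pem" -subj "$subj" -days 30 \
        -out "$1/stored.pem" 2>/dev/null
    openssl req -x509 -new -key "$1/key.pem" -subj "$subj" -days 365 \
        -out "$1/renewed.pem" 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$1/other.key" \
        -subj "$subj" -days 365 -out "$1/rekeyed.pem" 2>/dev/null
}

dir=$(mktemp -d)
make_samples "$dir"
echo "same key, new dates: $(predict_agent_decision "$dir/stored.pem" "$dir/renewed.pem")"
echo "new key:             $(predict_agent_decision "$dir/stored.pem" "$dir/rekeyed.pem")"
rm -rf "$dir"
```

To use it on real files, call `predict_agent_decision` with a certificate copied from the agent's cert folder as the first argument and the regenerated certificate as the second.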