Registering a VASA Certificate, 

Solution

 

So, what we need to do is to just delete the current Tomcat certificate alias and add a new one with the same name but with a larger validity, like 9999 days.

Once we figured out the root cause, the fix was done in about 10 minutes, as follows:

 

1.- SSH to the vVOLAPP, uid = root, password = ca$hc0w

 

2.- Check the existing certficate alias in keystore:

cd /etc/tomcat7

keytool -v -list -keystore jssecacerts_vasa

 

Note: keystore and certificate alias password = changeit

 

3.- Delete it

keytool -delete -alias samplevpserver_certificate_vasa -keystore /etc/tomcat7/jssecacerts_vasa

 

4.- Create a new one

keytool -genkey -alias samplevpserver_certificate_vasa -keyalg RSA -validity 9999 -keystore /etc/tomcat7/jssecacerts_vasa

accept all the defaults

 

5.- Restart Tomcat service

service tomcat7 restart

 

6.- Test it

Browse to https://VASA:8443  and check the new self-signed certificate. 

 

We are now able to register a new Storage Provider in VCSA.