Follow

AD import or VM Directory (vCenter) Import returns error "Certificates does not conform to algorithm constraints"

Product: Strausphere Fit/UX

Product Version: 5.x

Expires on: 365 days from publish date

Updated: November 4, 2014

 

Problem: AD import or VM Directory (vCenter) Import returns error "Certificates does not conform to algorithm constraints"

 

Symptoms: You see an error like the following when attempting AD or VM Directory import:  

 

Remote exception; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not conform to algorithm constraintsAD_import_error.png

 

Cause: Stratusphere Hub requires RSA security key size of at least 1024 bits.  If the AD server or vCenter does not have the required key size, it will return the error above.

 

Possible Resolution:

Follow the steps below to remove the settings in the configurations.

  1. Logon to Stratusphere Hub as friend then switch to root (procedure similar to this: https://liquidwarelabs.zendesk.com/hc/en-us/articles/200962508-How-do-I-Remote-Access-Stratusphere-Appliance-Console-
  2. Run the following commands:

cp /usr/java/latest/jre/lib/security/java.security /usr/java/latest/jre/lib/security/java.security.orig; 

sed -i 's/, RSA keySize < 1024//g' /usr/java/latest/jre/lib/security/java.security

reboot;


Machine then will go down for a reboot.  After reboot, run the import again.  It will now accept a smaller RSA key.

This changes may be reverted after an upgrade.  Repeat the process if the issue returns.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.