ARIS clients cannot connect to servers using TLS/SSL

Problem

A certificate is available but ARIS clients cannot be started using TLS certification.

This may happen due to ARIS clients using Java trust store having trouble verifying the certificate chain.

Solution

An additional certificate must be made available for the load balancer.

  1. Download the zip file of the certificate from a certificate authority (CA), for example, GlobalSign.
  2. Start ARIS Cloud Controller (ACC).
  3. Stop the loadbalancer runnable.
  4. Enhance the certificate using this command:
  5. enhance <runnable of the load balancer component> with sslCertificate local file "<path to the downloaded zip file>", for example:

    enhance loadbalancer_m with sslCertificate local file "c:\\temp\\lbcert.zip".

    Notice the double backslashes. Alternatively, use single forward slashes, for example, "c:/temp/lbcert.zip".

  6. Start the loadbalancer runnable again.

The TLS certificate is available.