Search Engine: Elastic

Article ID: 132253, created on Feb 16, 2018, last review on Jul 14, 2018

  • Applies to:
  • Operations Automation 7.3


  1. Switch from OA to Billing does not work.
  2. Following error in log of UI (/var/log/pa/pui/pui.log):

    07:28:42.348 [default task-9] DEBUG c.p.p.c.e.b.billing_manager.BMHelper - loginToBM failure details: Certificates does not conform to algorithm constraints


Certificate of Billing Control Panel is expired:

#  openssl s_client -showcerts -connect
depth=0 C = US, L = Renton, OU = Billing, CN = VIDASP20, emailAddress = root@VIDASP20
verify error:num=18:self signed certificate
    Start Time: 1518777915
    Timeout   : 300 (sec)
    Verify return code: 10 (certificate has expired)

where is the IP address of Billing UI.


New SSL certificate required. Refer to KB article for additional information about Billing SSL.

As a workaround generate self signed certificate and replace the expired one:

    [root@billing ~]# openssl req -new -nodes -x509 -out odintestcrt.crt -newkey rsa:1024 -keyout odintestcrt.crt -days 3650
    Generating a 1024 bit RSA private key
    writing new private key to 'odintestcrt.crt'


    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.


    Country Name (2 letter code) [XX]:
    State or Province Name (full name) []:
    Locality Name (eg, city) [Default City]:
    Organization Name (eg, company) [Default Company Ltd]:
    Organizational Unit Name (eg, section) []:
    Common Name (eg, your name or your server's hostname) []:
    Email Address []:

    and replaced:

    [root@billing ~]# mv /usr/local/bm/etc/httpd/www.crt{,.backup}
    [root@billing ~]# cp odintestcrt.crt /usr/local/bm/etc/httpd/www.crt

5356b422f65bdad1c3e9edca5d74a1ae caea8340e2d186a540518d08602aa065 e12cea1d47a3125d335d68e6d4e15e07 dd79f16c76b9dca75205ab5e9f5465ea 1941880841f714e458ae4dc3d9f3062d

Email subscription for changes to this article
Save as PDF