Hi everyone,
I’m setting up a local lab on VirtualBox to test Identity Security Cloud (ISC) with a local PostgreSQL/Spring Boot authoritative source. However, I’m completely stuck during the VA pairing process due to certificate and permission errors.
The Issue: When I attempt to generate the pairing code using
va-bootstrap pair -t internal, the console outputs a pairing code but throws severalERRmessages regarding expired certificates.When I try to manually update the certificates or elevate my privileges to fix it, I hit read-only filesystem restrictions and password rejections.
Here is what happens in the console:
Running
va-bootstrap pair -t internalthrows multiple errors like:
ERR certs/2024/saas-fed-dev: Certificate expired 2026-03-21...
ERR certs/2024/internal: Certificate expired 2026-01-04...
ERR certs/2024/prod: Certificate expired 2026-01-04...I tried running
update-ca-certificates, but it fails with:
Error: SSL certificate directory /etc/ssl/certs isn't writableI also tried running
sudo va-authandva-authto see if I could elevate privileges to fix the certs, but my password attempts are rejected (I am logged in as the defaultsailpointuser).
Hi,
I also got the error while onboarding VA. But I ignored the error, everything worked fine. Try to proceed with VA configuration even if you see the error.
-Abhinov
@rafaeldaibes Hi Rafael, I faced the same issue while installing the VA. You can ignore the error and proceed by entering the pairing code in ISC, it should work fine.
Also, if you are using a demo tenant, you can use the below command to generate the pairing code (use “demo” instead of “internal” for both passphrase and pairing code):
va-bootstrap pair -t demo
Hi @rafaeldaibes ,
If you’re using demo tenant you can use below steps to configure the same and ignore the cert error.
Hope this helps.
1 Like