Troubleshooting certificate issues after upgrade

After upgrading TrueSight Server Automation in an environment where communication between the NSH client and RSCD Agent was configured based on TLS authentication (as described in TLS-with-client-side-certs-Securing-a-Network-Shell-client), the following issues are observed:

• Live browse of certain server objects fails. For example, browsing the file system returns the error "Login not allowed for user," and browsing extended objects returns the error "Cert Check Failed."
• NSH commands do not run properly, and the following error is returned for particular users: "Failed to read keys from ... id.pem"

Workaround:

For each user for which the id.pem file was created, update the securecert file to include an encoded copy of the passphrase. Use the following command:
secadmin -m default -cu <user> -cp <passPhrase>