Hi,
For unknown reason, VMware-vapi-endpoint this service failed to start on our vcsa 6.5, i tried to dig out by vecs-cli, but with no luck, here are the error messages:
#/usr/lib/vmware-vmafd/bin/vecs-cli entry list --store TRUSTED_ROOT_CRLS
Number of entries in store : 1
vecs-cli failed. Error 11: Possible errors:
LDAP error: Administrative limit exceeded
Win Error: Operation failed with error ERROR_BAD_FORMAT (11)
#/usr/lib/vmware-vmafd/bin/vecs-cli entry list --store TRUSTED_ROOT_CRLS --text | less
vecs-cli failed. Error 4312: Possible errors:
LDAP error: Unknown (extension) error
Win Error: Operation failed with error ERROR_OBJECT_NOT_FOUND (4312)
Is it related to TRUSTED_ROOT_CRLS issue ?
Thanks
Possibly yes as there is one CRL in BAD_FORMAT error.
You can probably check in /etc/ssl/certs and check if there is a 0 bytes file in that however it is clearly not recommended to remove anything as such from that folder
thanks,
MS
I checked the /etc/ssl/certs, all the *.pem files looks fine, no "0" bytes file.
Is it possible to re-generate the certificate ?
Thanks
No, this is a CRL file (revocation list) and it is holding by AFD service.. I request you to engage GSS on this as it is complicated to recover
thanks,
MS