I recently renewed our VCSA certs and noticed a certificate store with the FQDN of our VCSA. This VCSA started out at 6.5 and has been upgraded through 7.0.3.01400.
This store contains one entry with the alias of our VCSA FQDN (private key) which will expire in a few weeks. This entry has the Issuer = the old FQDN of our VCSA, back when it was running 6.5 (we changed the name of the VCSA after upgrading to 7.0).
It sure seems like this is unused, but I wanted to check first. certificate-manager does not seem to know or care about it; same with the vCert script (4.7.0). The latter does not report that it is about to expire. Our __MACHINE_CERT is in good order and is used on the vSphere web client. I can't find anything online that suggests I should have a certificate store like this. It seems like a leftover from the upgrade from 6.5 to 7.0.
Is it safe to delete this store? Thanks.
Well VCSA doesn't use that cert for sure. Could be manually created by someone or 3rd party apps connected with VC.
Feel free to take snapshot/backup of VC and delete that store.
Pergunta interessante.
Well VCSA doesn't use that cert for sure. Could be manually created by someone or 3rd party apps connected with VC.
Feel free to take snapshot/backup of VC and delete that store.
After taking a snapshot, I deleted the cert. No issues noted so far. Thanks!