Hello Community!
I hope you can help me with the following issue:
In my vCenter Server 7 (7.0.1 U1c Build: 17327586) there are many trusted CA certificates which where created during another issue where I tried to replace all certificates by using the certificate-manager. After I updated the hole PKI, I enrolled quite new certificates and I wanted to remove this "old" ones which are unused now and this seems to be more difficult as I thought.
Even through these CA certificates are not expired I followed this guide and removed all CA certificates which are not used anymore: Removing Expired CA Certificates from the TRUSTED_ROOTS store in the VMware Endpoint Certificate Sto...
At the beginning it seems it worked as expected, but after I reboot the VCSA and I take a look in the certification administration in vCenter I am not longer able to see any certificates. Instead I get the following error: Error occurred while fetching machine certificates: This method requires authentication.
What did I wrong here? How can I fix that?
Thank you!
I am afraid it is not possible to tell you what you did wrong. Certificates can be a real pain in the *** so always create backups/snapshots before you make changes. I don't know if it is possible but maybe you can rebuild vCenter from scratch?
Thank you for your reply!
Of course I have backups of the server and I already restored the vCenter from that successfully. So nothing damaged here 🙂 But I am further interested of removing these old certificates. I already tried to repeat the procedure to get sure I did not any stupid mistakes with the guide. But after that I had the same problem...
So maybe one or more certificates you deleted are still being used. Otherwise, you wouldn't get the errors. Personally, I would investigate the possibility to do a reinstall of the VCSA. I always want to be sure that there are no strange issues that might bite you later on.