Is it possible to delete an STS Signing Chain from...

Hocshop · ‎02-16-2017

Hi all,

I have an external vCenter 6.0 u2 appliance connected to an external 6.0 u2 PSC appliance.

In the past some other PSCs have been used but then they were decommissioned and deleted and the vCenter was pointed to a newer PSC.

When I look in the Certificates > STS Signing tab of the SSO configuration, I see multiple STS Signing Certificates listed.

Some of the certificate chains are related to the old/deleted PSCs.

I have tried to highlight the redundant certificate chain and then use the option Remove from the Web Client console however I get an error that the removal did not succeed.

I believe these older chains relating to the now non-existent PSCs are not affecting anything however, for the sake of having a cleaner console, I have the following questions:

1) Is there a way to remove them from the console/SSO?

2) Should I need to worry about removing them or can I just leave them and nothing will be affected?

3) Why would I be unable to remove them from the console using the button that is given to do precisely that?

Thanks in advance

Mark

Soap01 · ‎01-10-2018

Did you ever happen to figure this out? Thanks

dongjh · ‎09-15-2020

The similar issue, after refreshing the expiring certificate(and reboot), multiple certificate were there, and it still said the certificate is expiring. How can i take the new certificate effect and remove the useful ones?

sckgeneral · ‎01-30-2021

hello dongjh

I have the same problem and would like to ask you how to solve it.

All

Is it possible to delete an STS Signing Chain from SSO?