Unable to remove the STS certificate using the JXplorer tool.
vCenter 6.x, vCenter 7.x, vCenter 8.x.
To delete the STS certificate in JXplorer, we delete these two objects.
To remove the STS certificate from the command line:
cn=TenantCredential-1,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local
1. Export the LDIF
/opt/likewise/bin/ldapsearch -h localhost -D "cn=Administrator,cn=Users,dc=vsphere,dc=local" -w 'VMware123!' -b "cn=TenantCredential-1,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local" > /storage/core/tenantcredential.ldif
2. View the LDIF
/opt/likewise/bin/ldapsearch -h localhost -D "cn=Administrator,cn=Users,dc=vsphere,dc=local" -w 'VMware123!' -b "cn=TenantCredential-1,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local" -s sub "objectclass=vmwSTSTenantCredential"
3. Delete the object
/opt/likewise/bin/ldapdelete -h localhost -D "cn=Administrator,cn=Users,dc=vsphere,dc=local" -w 'VMware123!' "cn=TenantCredential-1,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local"
cn=TrustedCertificateChains,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local
List the number of certificate chains
/opt/likewise/bin/ldapsearch -h localhost -D "cn=Administrator,cn=Users,dc=vsphere,dc=local" -w 'VMware123!' -b "cn=TrustedCertificateChains,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local " -s sub "objectclass=container"
Example
/opt/likewise/bin/ldapsearch -h localhost -D "cn=Administrator,cn=Users,dc=vsphere,dc=local" -w 'VMware123!' -b "cn=TrustedCertificateChains,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local " -s sub "objectclass=container"
# extended LDIF
#
# LDAPv3
# base <cn=TrustedCertificateChains,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local > with scope subtree
# filter: objectclass=container
# requesting: ALL
#
# TrustedCertificateChains, vsphere.local, Tenants, IdentityManager, Services
, vsphere.local
dn: cn=TrustedCertificateChains,cn=vsphere.local,cn=Tenants,cn=IdentityManager
,cn=Services,dc=vsphere,dc=local
nTSecurityDescriptor:: AQAHhBQAAAA0AAAAAAAAAFQAAAABBgAAAAAABxUAAACAPXxdhG/Mkca
FQlchKZq+9AEAAAEGAAAAAAAHFQAAAIA9fF2Eb8yRxoVCVyEpmr4gAgAAAgDAAAUAAAAAExgAMAAA
AAECAAAAAAAHIAAAAJoCAAAAEygAMwAGAAEGAAAAAAAHFQAAAIA9fF2Eb8yRxoVCVyEpmr4DAgAAA
BMoADMABiABBgAAAAAABxUAAACAPXxdhG/MkcaFQlchKZq+AAIAAAATKAAzAAYgAQYAAAAAAAcVAA
AAgD18XYRvzJHGhUJXISmaviACAAAAEygAMwAGIAEGAAAAAAAHFQAAAIA9fF2Eb8yRxoVCVyEpmr7
0AQAA
cn: TrustedCertificateChains
objectClass: top
objectClass: container
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1 <---- In the lab, we have one
Export the LDIF
/opt/likewise/bin/ldapsearch -h localhost -D "cn=Administrator,cn=Users,dc=
Delete the object
For TrustedCertChain-1
/opt/likewise/bin/ldapdelete -h localhost -D "cn=Administrator,cn=Users,dc=
For TrustedCertChain-2
/opt/likewise/bin/ldapdelete -h localhost -D "cn=Administrator,cn=Users,dc=
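A check to run between the export and delete steps above, added here as an example and not part of the original article: it confirms that the exported LDIF really contains the entry before ldapdelete is run, including when ldapsearch has folded the dn line as in the sample output. The function names and the sample file are constructed; the backup path in the comment is the one used in step 1.

```shell
#!/bin/sh
# Added example (not from the article): verify an LDIF backup before ldapdelete.
# Function names and the sample entry are constructed for illustration.

# Unfold LDIF: a line starting with one space continues the previous line
# (RFC 2849); ldapsearch wraps long "dn:" values this way.
ldif_unfold() {
    awk '/^ / { buf = buf substr($0, 2); next }
         { if (NR > 1) print buf; buf = $0 }
         END { if (NR > 0) print buf }' "$1"
}

# Count entries in the export (one "dn:" line per entry).
ldif_count_entries() {
    ldif_unfold "$1" | grep -ci '^dn:' || true
}

# Succeed only if an entry's DN equals $2 (compared case-insensitively).
ldif_has_dn() {
    want=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    ldif_unfold "$1" | tr 'A-Z' 'a-z' | WANT="$want" awk '
        /^dn: / { sub(/^dn: */, ""); if ($0 == ENVIRON["WANT"]) found = 1 }
        END { exit(found ? 0 : 1) }'
}

# Gate for the delete step: the backup must be non-empty and hold the DN.
# e.g. safe_to_delete /storage/core/tenantcredential.ldif "<DN to delete>"
safe_to_delete() {
    if [ -s "$1" ] && ldif_has_dn "$1" "$2"; then
        echo "backup contains $2"
    else
        echo "backup does not contain $2; do not run ldapdelete" >&2
        return 1
    fi
}

# Constructed sample export with a folded dn line, written to the path in $1.
make_sample() {
    cat > "$1" <<'EOF'
# extended LDIF
dn: cn=TrustedCertificateChains,cn=vsphere.local,cn=Tenants,cn=IdentityManager
 ,cn=Services,dc=vsphere,dc=local
cn: TrustedCertificateChains
objectClass: container

# numEntries: 1
EOF
}
```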