Deletion of Cloud Service Manager certificates fails in the VMware NSX Manager

search cancel

Deletion of Cloud Service Manager certificates fails in the VMware NSX Manager

book

Article ID: 392862

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

You have expired certificates in VMware NSX used by Public Cloud Gateway (PCG).

Environment

VMware NSX

Cause

As Cloud Service Manager (CSM) and Public Cloud Gateway (PCG) are not supported in VMware NSX 4.1.0 and higher, Principal identity (PI) certificates for CSM and PCG are not required.

Resolution

To delete the expired PI certificates, follow the steps below:

Remove NSX cloud (CSM/PCG) PIs: DELETE https: //<nsx-manager>/api/v1/trust-management/principal-identities/<principal-identity-id>
Once the NSX cloud PI are deleted, use the following API to delete the expired certificate :
DELETE https://<nsx-manager>/api/v1/trust-management/certificates/<cert-id>

Additional Information

Replace expiring Principle Identity certificates for the Cloud Service Manager (CSM) and Public Cloud Gateway (PCG)
VMware NSX 4.1.0 Release Notes
NSX-T Data Center REST API - Delete a principal identity
NSX-T Data Center REST API -Delete Certificate for the Given Certificate ID

Feedback

thumb_up Yes

thumb_down No