NAPP_Platform certificates cannot be deleted after NAPP undeployment, resulting in expired/expiring certificate alarms in NSX Manager.
search cancel

NAPP_Platform certificates cannot be deleted after NAPP undeployment, resulting in expired/expiring certificate alarms in NSX Manager.

book

Article ID: 412804

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • Any NSX with NAPP 4.2 undeployed.
  • After the NAPP undeployment, the NAPP_Platform component remains and cannot be deleted.
  • Consequently, the associated certificate continues to appear as ‘in use’ or ‘used by.’
  • A GET request to /api/v1/trust-management/certificates/<certificate-id> shows the service type as NAPP_Platform.

Environment

Any NSX with NAPP 4.2 undeployed.

Cause

The NAPP_Platform certificate is used only when a private Helm/Docker registry server is introduced, a feature added in NAPP 4.2. An ungraceful removal of NAPP can cause this certificate to remain in a stale state.

Resolution

The NAPP_Platform certificate needs to be safely released and deleted. Kindly log a support ticket with Broadcom GSS to perform this action.

Powered by Wolken Software