Orphaned NAPP Certificates fail to delete from the NSX Manager UI
search cancel

Orphaned NAPP Certificates fail to delete from the NSX Manager UI

book

Article ID: 428797

calendar_today

Updated On:

Products

VMware NSX VMware vDefend Firewall

Issue/Introduction

Self-signed certificates issued by the k8s-msg-client remain in the NSX Manager UI and fail to delete following the decommissioning of NSX Application Platform (NAPP).

The affected certificates appear "grayed out" in the NSX Manager UI, yet the system incorrectly reports them as being in an "Active" or "Used By" state.

Attempts to remove these certificates via the UI is unsuccessful due to stale references remaining in the management plane database. 

Environment

Vmware NSX 

NSX Application Platform 4.2

Cause

Refer the KB:393976

Resolution

Validation: Execute the CARR script in Dry Run mode to identify the orphaned certificate aliases that need to be released.

Remediation: Once the stale certificates are confirmed in the output, execute the CARR script in Remediation mode to successfully remove the stale entries from the database.

Additional Information

Delete NSX Appliation Platform

 

Powered by Wolken Software