• After configuring a Microsoft Certificate Authority (CA) for VCF Management components, the option to revert to the default is unavailable in the UI.
• Attempts to RESET the configuration under Fleet Management > Certificates > VCF Management > CONFIGURE CA fail because the form enforces mandatory fields (CA Server URL, User Name, Password, Template Name):
  • CA Server URL is required.
  • User Name is required.
  • Password is required.
  • Template Name is required.

VCF Operations 9.0.x

This behavior is a product limitation. In VCF 9.0.x, once a Microsoft CA is successfully configured for Management components, the system does not support reverting to the default OpenSSL certificate management workflow through the management interface.

There is currently no supported method to remove the Microsoft CA configuration or revert to default via the VCF Operations UI once the configuration has been saved.

• For detailed information on supported CA configurations, refer to the VCF 9.0 Documentation: Configure a Certificate Authority.
• If the CA is not working properly, work with your Microsoft administrators and Microsoft support to resolve.
  • Certificates can be manually imported and updated with the Replace with Imported Certificate option if the integration is not currently working because of an issue with the CA server.

Note: If you are interested in requesting that other options be added, you can vote on the vcf.ideas.aha.io/ideas/VCF-I-3972.