With regard to the title, my problem is CAC authentication, my question is "is it possible to export certificates from a known-good PSC?"
Recently, we have been unable to authenticate into a few of our vCenters. Initially, I thought it might be a certificate issue, so I wanted to find out if it's possible to export certificates from a known-good vCenter/PSC so that I can import them into the problem vCenters. I am also having our AD team look at it from a DC perspective, as they did DC upgrades around the same time we lost the capability to CAC authenticate.
Ultimately, I'd like to know if the second part of my issue is possible, but feel free to chime in on the CAC authentication issue.
Here is what I can tell you:
The vCenters in question are all 6.5
All have had the reverse proxy configured, and all have Machine SSL certs.
All on the classified network have identical certs applied to the PSC.
On the unclassified side, I took measures to get almost all the certs to be identical, but the one missing cert (as compared to the known-good), I've been advised, is a non-issue.
These vCenters are run off Cisco appliances as opposed to Windows Servers.
This is a vCenter Web Client issue.
I do hope I've configured my inquiry correctly and respectfully. I have done my due diligence, and I've only come across information on importing/applying certificates...not exporting them. Any help would be appreciated.