Hi,
Can anyone please advise how I view/manage the STS certificates in vCenter Server v7.0?
In v6.x this could be done via the Web Client (Flash Client) by following the path "Administrator > Single Sign-On > Configuration > Certificates > STS Signing"
However the Flash Client is not available in v7.0 and there is no STS Signing option in the HTML5 Client. I have found specific reference to "Note: The STS certificate cannot be viewed from the HTML5 client" in https://kb.vmware.com/s/article/79248
I have downloaded the checksts.py python script that is mentioned in KB79248 and I can see the STS certificate SHA-1 thumbprints (and only that); but that is all it does.
I generated & refreshed new STS signing certs based on my VMCA signed certificate chain, and now I need to delete the old STS leaf & root certificates (highlighted).
I know it is against VMware's recommendation to replace these internal/self-signed STS certificates, but in some environments this is not acceptable.
Is there a CLI command to manage them, as the HTML5 client is clearly not 'feature parity' with the Web Client in this respect. :-(
As always, any help or advice will be welcomed.
Thanks
M