Is it possible to delete an STS Signing Chain from SSO?

This post was originally published on this site

Hi all,

 

I have an external vCenter 6.0 u2 appliance connected to an external 6.0 u2 PSC appliance.

 

In the past some other PSCs have been used but then they were decommissioned and deleted and the vCenter was pointed to a newer PSC.

 

When I look in the Certificates > STS Signing tab of the SSO configuration, I see multiple STS Signing Certificates listed.

Some of the certificate chains are related to the old/deleted PSCs.

 

I have tried to highlight the redundant certificate chain and then use the option Remove from the Web Client console however I get an error that the removal did not succeed.

 

I believe these older chains relating to the now non-existent PSCs are not affecting anything however, for the sake of having a cleaner console, I have the following questions:

 

1) Is there a way to remove them from the console/SSO?

2) Should I need to worry about removing them or can I just leave them and nothing will be affected?

3) Why would I be unable to remove them from the console using the button that is given to do precisely that?

 

Thanks in advance

Mark

Don’t Login on Untrusted Computers

This post was originally published on this site

A password is only as secure as the computer or network it is used on. As such, never log in to a sensitive account from a public computer, such as computers in a cyber cafe, hotel lobby or conference hall. Bad guys target public computers such as these and infect them on purpose. The moment you type your password on an infected computer, these cyber criminals can harvest your passwords. If you have no choice but to use a public computer, change your password at the next available opportunity you have access to a trusted computer.