Delete a Root Certificate from vCenter
Server
vCenter
Server
You can use the
Certificate Management vCenter Trusted Root Chains
interface to add, delete and read trusted root certificate chains. This use case demonstrates how to delete a root certificate or certificate chain from the trusted root store of your vCenter Server
system.- Verify that you are connected to avSphere AutomationAPI server.
- Verify that you have the required privileges for executing the method: and .
Deleting certificates is not available
through the
vSphere Client
and you
can only do this by using the vSphere
Automation
API or the CLI tools.Deleting a root certificate or certificate chain that is in use
might cause breakage of your systems. Proceed to delete a root certificate only if
you are sure it is not in use by your
vCenter Server
or any connected systems.- Retrieve the root certificates from yourvCenter Serversystem.GEThttps://<vcenter_ip_address_or_fqdn>/api/vcenter/certificate-management/vcenter/trusted-root-chainsThe system lists the unique identifiers (chains) of the certificates in the trusted root store.
- Retrieve the certificate you want to delete.To retrieve and verify a root certificate, use its unique identifier (chain).GEThttps://<vcenter_ip_address_or_fqdn>/api/vcenter/certificate-management/vcenter/trusted-root-chains/<chain>
- Delete the certificate by providing its unique identifier (chain).DELETEhttps://<vcenter_ip_address_or_fqdn>/api/vcenter/certificate-management/vcenter/trusted-root-chains/<chain>The system returns a 204 error, which means that the request was processed but no content is returned.
- To verify you deleted the certificate, retrieve the root certificates from yourvCenter Serversystem once again.GEThttps://<vcenter_ip_address_or_fqdn>/api/vcenter/certificate-management/vcenter/trusted-root-chains