openssl x509 -text -noout -in /cert/vmca.cer
Die Werte mit den Zertifikaten im Store vergleichen:
for store in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list | grep -v TRUSTED_ROOT_CRLS); do echo "[*] Store :" $store; output=$(/usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $store --text); echo "$output" | grep -ie "Alias" -ie "Not Before" -ie "Not After" -ie "Issuer:" -ie "Subject:" -ie "Alias" -ie "X509v3 Basic Constraints"; echo "$output" | grep -ie "X509v3 Key Usage:" -A1; printf "\n"; done;
Sobald der alias identifiziert ist, muss er aus dem Store entfernt werden.
/usr/lib/vmware-vmafd/bin/vecs-cli entry getcert --store TRUSTED_ROOTS --alias 8b6a5bb72826b24101b5ed98c5446020467c7f32 --output /storage/core/ssoserver.crt
/usr/lib/vmware-vmafd/bin/vecs-cli entry delete --store TRUSTED_ROOTS --alias 8b6a5bb72826b24101b5ed98c5446020467c7f32 -y
service-control --stop --all;service-control --start --all