Signing certificate is not valid error in VCSA 6.5.x,6.7.x or vCenter Server 7.0.x
Once admin is getting notifications form (ab)users about issue with login to vCenter, there are few possibilities:
PEBCAK – one of many terms used in Internet chatting, stands for “problem exists between chair and keyboard,” meaning it’s a problem in user understanding or behavior rather than something wrong with hardware or software. The term is sometimes used by help desk people since it’s a common class of problems.
Password expiration
Certificate exparation
The vCenter Single Sign-On Security Token Service (STS) is a Web service that issues, validates, and renews security tokens. Users present their primary credentials to the STS interface to acquire SAML tokens. The primary credential depends on the type of user.
STS authenticates the user based on the primary credentials, and constructs a SAML token that contains user attributes. STS signs the SAML token with its STS signing certificate, and assigns the token to the user. By default, the STS signing certificate is generated by VMCA. You can replace the default STS signing certificate from the vSphere Web Client. Do not replace the STS signing certificate unless your company’s security policy requires replacing all certificates.
After a user has a SAML token, the SAML token is sent as part of that user’s HTTP requests, possibly through various proxies. Only the intended recipient (service provider) can use the information in the SAML token.
Read full article on: https://angrysysops.com/2021/05/19/st...
Follow me on FB: / angrysysops
Subscribe to this channel
Watch video Signing certificate is not valid error in VCSA 6.5.x,6.7.x or vCenter Server 7.0.x online without registration, duration hours minute second in high quality. This video was added by user Angry Admin 19 May 2021, don't forget to share it with your friends and acquaintances, it has been viewed on our site 6,937 once and liked it 24 people.