Re: STS Signing Certificate is expiring on Windows vCenter 6.0

C:\ProgramData\VMware\vCenterServer\cfg\sso\keys\newsts>"C:\Program Files\VMware

\vCenter Server\jre\bin\keytool.exe" -list -v -keystore root-trust.jks

输入密钥库口令:

密钥库类型: JKS

密钥库提供方: SUN

您的密钥库包含 2 个条目

别名: root-ca

创建日期: 2020-9-14

条目类型: trustedCertEntry

所有者: OU=VMware, O=scxt-vCenter, ST=California, C=US, DC=local, DC=vsphere, CN

=CA

发布者: OU=VMware, O=scxt-vCenter, ST=California, C=US, DC=local, DC=vsphere, CN

=CA

序列号: f885f49bec9a18e8

有效期为 Sun Sep 23 09:34:42 CST 2018 至 Wed Sep 20 09:34:42 CST 2028

证书指纹:

         MD5:  9E:9E:7C:AF:70:7F:DC:02:C3:AE:E0:40:2C:80:DE:FD

         SHA1: A7:27:C0:F8:9C:E6:A6:C0:25:DA:7F:E4:D8:0C:14:38:C7:0E:1A:A7

         SHA256: 38:9D:83:6B:51:10:44:43:71:70:3A:C6:B8:9A:BC:B0:32:66:55:6C:3D:

E4:C2:61:6C:FD:FF:40:45:AF:E2:AA

签名算法名称: SHA256withRSA

主体公共密钥算法: 2048 位 RSA 密钥

版本: 3

扩展:

#1: ObjectId: 2.5.29.19 Criticality=true

BasicConstraints:[

  CA:true

  PathLen:0

]

#2: ObjectId: 2.5.29.15 Criticality=true

KeyUsage [

  Key_CertSign

  Crl_Sign

]

#3: ObjectId: 2.5.29.17 Criticality=false

SubjectAlternativeName [

  RFC822Name: email@acme.com

  IPAddress: 127.0.0.1

]

#4: ObjectId: 2.5.29.14 Criticality=false

SubjectKeyIdentifier [

KeyIdentifier [

0000: B8 FF 79 34 6C A8 33 D7   F0 8D B0 EE 9C 7D E9 23  ..y4l.3........#

0010: 9E A0 A7 96                                        ....

]

]

*******************************************

*******************************************

别名: newstssigning

创建日期: 2020-9-14

条目类型: PrivateKeyEntry

证书链长度: 2

证书[1]:

所有者: OU=VMware, O=VMware, L=Palo Alto, ST=California, C=US, CN=CA

发布者: OU=VMware, O=scxt-vCenter, ST=California, C=US, DC=local, DC=vsphere, CN

=CA

序列号: df6477ab15b7445d

有效期为 Mon Sep 14 14:41:13 CST 2020 至 Wed Sep 14 14:41:13 CST 2022

证书指纹:

         MD5:  2F:E3:3F:98:DA:64:4F:28:1F:85:EB:5A:83:C9:5B:66

         SHA1: 78:AB:83:21:3D:3E:F0:6A:DF:C9:CC:4E:32:B3:9B:7F:FC:2C:E8:74

         SHA256: E7:EB:28:4C:AC:7E:9B:94:03:89:08:72:3C:46:D4:82:FB:C8:B0:4F:BC:

AB:3B:B5:6B:65:B2:7E:C7:26:DB:28

签名算法名称: SHA256withRSA

主体公共密钥算法: 2048 位 RSA 密钥

版本: 3

扩展:

#1: ObjectId: 2.5.29.35 Criticality=false

AuthorityKeyIdentifier [

KeyIdentifier [

0000: B8 FF 79 34 6C A8 33 D7   F0 8D B0 EE 9C 7D E9 23  ..y4l.3........#

0010: 9E A0 A7 96                                        ....

]

]

#2: ObjectId: 2.5.29.15 Criticality=false

KeyUsage [

  DigitalSignature

  Non_repudiation

  Key_Encipherment

]

#3: ObjectId: 2.5.29.17 Criticality=false

SubjectAlternativeName [

  RFC822Name: dongjh@ahope.com.cn

  IPAddress: 10.44.221.29

  DNSName: scxt-vCenter

]

#4: ObjectId: 2.5.29.14 Criticality=false

SubjectKeyIdentifier [

KeyIdentifier [

0000: EC FC 60 86 DF 98 B2 15   D3 56 7A 7F BF 23 B4 25  ..`......Vz..#.%

0010: 7D E8 3C 89                                        ..<.

]

]

证书[2]:

所有者: OU=VMware, O=scxt-vCenter, ST=California, C=US, DC=local, DC=vsphere, CN

=CA

发布者: OU=VMware, O=scxt-vCenter, ST=California, C=US, DC=local, DC=vsphere, CN

=CA

序列号: f885f49bec9a18e8

有效期为 Sun Sep 23 09:34:42 CST 2018 至 Wed Sep 20 09:34:42 CST 2028

证书指纹:

         MD5:  9E:9E:7C:AF:70:7F:DC:02:C3:AE:E0:40:2C:80:DE:FD

         SHA1: A7:27:C0:F8:9C:E6:A6:C0:25:DA:7F:E4:D8:0C:14:38:C7:0E:1A:A7

         SHA256: 38:9D:83:6B:51:10:44:43:71:70:3A:C6:B8:9A:BC:B0:32:66:55:6C:3D:

E4:C2:61:6C:FD:FF:40:45:AF:E2:AA

签名算法名称: SHA256withRSA

主体公共密钥算法: 2048 位 RSA 密钥

版本: 3

扩展:

#1: ObjectId: 2.5.29.19 Criticality=true

BasicConstraints:[

  CA:true

  PathLen:0

]

#2: ObjectId: 2.5.29.15 Criticality=true

KeyUsage [

  Key_CertSign

  Crl_Sign

]

#3: ObjectId: 2.5.29.17 Criticality=false

SubjectAlternativeName [

  RFC822Name: email@acme.com

  IPAddress: 127.0.0.1

]

#4: ObjectId: 2.5.29.14 Criticality=false

SubjectKeyIdentifier [

KeyIdentifier [

0000: B8 FF 79 34 6C A8 33 D7   F0 8D B0 EE 9C 7D E9 23  ..y4l.3........#

0010: 9E A0 A7 96                                        ....

]

]

*******************************************

*******************************************