X2
7 years agoModerator
Expired host-id certificates - how to remove?
I noticed several host-id certificates as expired on one of my backup domains (running 8.1.2). This was mainly due to us not revoking them during the decommissioning process till around a few weeks ago.
So, in an attempt to do a cleanup of the expired certs, I tried to revoke them and got the following:
[root@master01 16:57 /]# /usr/openv/netbackup/bin/nbcertcmd -revokeCertificate -host expiredHost.domain.name Request to revoke certificate has failed. EXIT STATUS 5972: The certificate could not be revoked. It was already revoked or expired.
What are my options for the cleanup for these host-id certs? other than assuming "expired" certificate is as good as revoked for a decommissioned client and I will have to reissue the certificate anyway in case a hostname is reused for a new VM.