Delete Certificates from the VCF Operations 9 Fleet Manager API

We've discussed the VCF Operations 9 Fleet Manager API previously, but this is a specific use case. I'd like to delete a Certificate, here's how I did it.

First, the Fleet Manager API can be found at https://yourfleetmanagerfdqngoeshere/api/swagger-ui/index.html, it'll look like this.

Remember, to authenticate you need your admin@local credentials Base64 encoded, which we can do a few different ways.

1. You can use something like Base64encode.org. I showed this in the previous blog.

2. Another way to encode your admin@local credential is to run the following on your Fleet Manager VM: echo -n 'admin@local:yourpasswordgoeshere' | base64

3. Another way is to encode admin@local at run time, I'll show this later when running my curl command, but an example is like this: curl -k -u admin@local:yourpasswordgoeshere -X GET "https://vcfops-bpeterson.vcfops.lab/lcm/locker/api/certificates/list/vmids"

Once authenticated, you need to find the API endpoint to list your certificates, which in this case is Internal.

From there scroll down to Locker Certificates Controller and you'll find the /lcm/locker/api/certificates/list/vmids endpoint.

Execute it and it'll provide your Certificates and their related vmid, which is what you'll use to delete it. Notice the curl command is also provided, including your Base64 encoded credential.

curl -X GET "https://vcfops-bpeterson/lcm/locker/api/certificates/list/vmids?isUsable=false" -H  "accept: application/json" -H  "Authorization: Basic YWRtaW5AbG9jYWw6SW50ZWdyQHRpb25zMTIz"

If you wanted to run this command line, you could, without first Base64 encoding your credential. It would look like this (the -u is doing the encoding for you)

curl -k -u admin@local:yourpasswordgoeshere -X GET "https://vcfops-bpeterson.vcfops.lab/lcm/locker/api/certificates/list/vmids"

Output of this command looks like this.

[{"alias":"lcm_certificate","vmid":"b68bf1ba-8f8a-4036-a176-fd6d0bc13542"},{"alias":"3cb73383-2cc0-4ecf-9f7f-ff14a7e2d2f6_vrops_529f61b3-1c4c-468f-9d76-ef13875bf176","vmid":"d304ce5d-b307-4812-b43f-b55c1b48beff"},{"alias":"VCF Operations Certificate","vmid":"1ef28f30-faf2-4332-b8cd-1d65c17ee514"},{"alias":"94cd538c-1696-4407-a3e8-e4d584133649_vrli_35884c42-497c-4fb6-a384-162b8156b231","vmid":"82e2568c-546a-4ea3-8821-1527580b0785"},{"alias":"a6b80080-93db-4f9e-8363-19a92789ba23_vra_79042497-63ce-404a-9111-288ba9331f05","vmid":"30078b59-5187-4a3c-be2e-445f1b96d027"},{"alias":"vRA Certificate","vmid":"a0556ce9-172c-4595-8450-e1d11df41f3c"},{"alias":"Logs Certificate","vmid":"0687f489-94d3-46cf-8ec8-79455134b540"},{"alias":"vcf-a-cert","vmid":"594f1fd3-f15d-4c85-af8e-3d2bad315efb"},{"alias":"vcfa certificate v2","vmid":"54154247-90d3-4b9c-a272-6866aca875ba"},{"alias":"vcfa cert v3","vmid":"d1b7e97b-66cf-4d71-9ba1-c19bb384f682"}]

Same output as the Swagger UI, just not formatted quite as nicely. Either way, find the vmid for the Certificate you want to delete and delete it here.

VCF Operatinos 9 Fleet Manager is powerful, and without an accessible UI, it's quite useful. Enjoy!