VMware vCenter 6.7 Certificate Status Error

After rebooting our vCenter appliance we noticed an error on vCenter regarding “Certificate Status”

After going to the Administration snap-in and clicking on “Certificate Management” and logging in to verify certificates we saw nothing out of order. All the VMware provided certificates were fine. I decided to keep digging.

I started googling and found the following command listed on Reddit by zwamkat.
https://www.reddit.com/r/vmware/comments/it4dmq/vcsa_certificate_status_alarm_triggered/

for i in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list); do echo STORE $i; /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $i --text | egrep "Alias|Not After"; done

This provided the output necessary to see all certificates on the vCenter appliance, including third-party certificates. We noticed that we still had a thirty party certificate listed in vCenter with an expiration date coming up even though we already replaced it.

We are following up with the third-party vendor to get to a resolution.

My journey to passing the CISSP exam

Note: I have only passed the exam, I’m not yet certified
Update: I’m officially certified!

I have always been interested in computers for as long as I can remember. I was fortunate my high school was a Cisco Networking Academy and I walked out of high school with my Cisco Certified Network Associate (CCNA) and A+ certifications.

I went on to college and graduated in four years with a bachelor’s degree in computer science and engineering technology. While I was attending college for my bachelor’s degree I took the rest of the Cisco Networking Academy materials that would have prepared me for the Cisco Certified Network Professional (CCNP) but I never sat for the exam.

I entered the full-time work force doing desktop support and using all the resources at my disposal to go above-and-beyond what was required of me. I was noticed by the IT Infrastructure team and moved over to that team to manage Active Directory and VMware.

At the time of writing this write-up I’ve been working as a Lead Systems Software Engineer at my company for about five and a half years. In my current role I’m in charge of maintaining our companies Active Directory, VMware virtual server environments, and departmental file storage. This maintenance includes everything from running yearly audits, to providing highly available services (uptime), maintaining best practices, and securing the environments. I have also written a .NET portal to provide other Active Directory administrators a portal to perform certain functions like requesting a network file share or changing their administrator passwords. I’m also involved in our yearly Disaster Recovery planning/testing and maintaining many enterprise service certificates. My day-to-day tasks including automating our virtual server provisioning/de-provisioning process, automating daily tasks with PowerShell, and maintaining/upgrading/securing our environments.

Studying for CISSP:

I started studying for the CISSP by joining some of the free boot camps that I saw fly through my work e-mail from vendors. At this point in time I wasn’t taking any notes I was just listening and trying to absorb what I could. I’d say I attended two of these boot camps, in some cases taking some time off work to do so.

When I started to get serious about taking and passing this exam in the beginning of 2021, as I knew the exam would be changing in May. I bought the following materials:

I also recommend Kelly Handerhan’s CISSP course on Cybrary. I didn’t list this with my purchases because at the time it was included free for the month. https://www.cybrary.it/course/cissp/. I went through this whole course over a couple days and took very diligent notes in OneNote that I did use to help refresh my memory and study from.

I did spend some time studying but I was not strict about setting time aside every day, it was when I had time. I had previously scheduled my exam for March 2021 (one of the things I read to keep you motivated) but I strongly felt I was not ready and had to pay the $50 to reschedule the exam.

After rescheduling the exam at the end of April and seeing May 1, 2021, coming at me very fast, I decided it was time to really study because it was do-or-die, pass-or-fail.

I took three days off of work immediately prior to the exam, and spent all three days (8am to 8pm) studying and doing questions with only a few breaks for video games or other things enjoyable to break up the studying. I’d say I spent about 80% of time going through questions in the books and on the apps on my iPhone and 20% of the time reading the various course materials listed above and taking notes.

Prior to the exam I’d say I was averaging around 80% to 90% on the practice questions in the books and the apps. When I had first started studying for the CISSP I’d say I was more in the 60% to 70% range.

My Recommendations:

I would personally say you know yourself the best. You can read all the experiences out there from many different people but it may not help you if you don’t help yourself.

For example, I know from my high school and college experiences that I know the best way I retain knowledge is to cram over a short period of time, which is what almost everyone out there will tell you not to do, but it works for me. The three days I took off before the exam was vital to me.

I learned many of the topics I wasn’t as familiar with from doing questions, getting them wrong, and spending the time to research and really understand why the option I chose was wrong.

The CISSP exam has a special mindset that you need to acquire, many will say “Think like a manager”. I will agree with that but more importantly I will say READ, RE-READ, RE-READ, and RE-READ the questions. These questions are not written to trick you but it is important you fully understand what the question is asking.

It is very easy to fall into the trap of thinking you know what the question is asking, answering, and moving on because you are worried about time. I would recommend even if you think you know the answer to re-read the question at least three times. The next step is to rule out any answers you 100% know are incorrect. Then re-read the question again, every word, interpret it, answer to your best ability and move on.

It was very apparent to me on the questions that I did not know the answer to, I tried not to spend to much time on them, answered them to the best of ability and moved on.

Exam Experience:

I took my driver’s license and passport to the testing center to verify myself. I put everything else I brought with me into the lockers provided.

I sat down for the exam around 5pm and walked out of the testing center close to 8pm. I took no breaks but did look away from the monitor when I needed to and just took some breaths to mentally re-group.

If question 100 comes and goes and you are still answering questions don’t let it get to you. I’d say prepare for answering 150 questions and if the exam ends sooner, great. My exam went the full 150 questions.

I will say I thought I held myself well during the exam and felt fairly confident in my answers but the fact the exam went to 150 questions did start to make my question whether or not I passed.

I was preparing for the worst and was just excited I finally sat for the exam and I knew I would be better prepared for the next time. It was at that point I flipped over the piece of paper provided by the testing center to see I passed!