Friday, 18 July 2025

vCloud Director 10.6.1 SAML Certificate Management

We recently upgraded to vCloud Director 10.6.1. With this upgrade, system alerts are generated for the SAML configuration of every organisation, even if it has never used SAML before. Broadcom have an article on dealing with Expired SAML Certificate emails. The problem is that managing these certificates requires you to log into every organisation, go to that organisation's administration page, renew the SAML certificate and remove the old ones. The following is a PowerCLI script that loops through all the organisations, renews any expired SAML certificates and removes the unused ones (it will not touch any custom certificates uploaded by a tenant). It does not cover the "SYSTEM" tenant.

Run this section first to create the credentials used to log in:

$VCD = "Insert VCD name here"
$api_version = "39.1" # set to an API version your VCD release supports
$creds = Get-Credential # prompts for credentials; enter the user as username@system