[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Deleting Certificates

You can delete a local or trusted CA certificate that is automatically or manually generated.

Before You Begin
Obtain a certificate either online or manually. See Obtaining Digital Certificates Online or Obtaining Digital Certificates Manually . For background information, read Public Key Cryptography for Certificates Understanding Certificates Understanding Certificate Revocation Lists Using Digital Certificates

This topic covers:

CLI Operation

Use the following command to delete a local certificate:


            
               user@host> clear security pki local
                     certificate certificate-id (certificate-id | all | system-generated )

Specify a certificate ID to delete a local certificate with a specific ID, use all to delete all local certificates, or specify system-generated to delete the automatically generated self-signed certificate.

When you delete an automatically generated self-signed certificate, the device generates a new one.

To delete a CA certificate:


            
               user@host> clear security pki ca-certificate
                     ca-profile (ca-profile-name | all)

Specify a CA profile to delete a specific CA certificate, or use all to delete all CA certificates present in the persistent store.

Note: You are asked for confirmation before a CA certificate can be deleted.

Deleting Certificates

CLI Operation

Related Topics