Clearing Digital Certificates
Purpose
Variations of the clear security pki command enable you to delete certificates or requests and certificate revocation lists:
Action
- To delete the CA digital certificate, issue the clear security pki ca-certificate ca-profile ca-profile-name command.
- To delete the local digital certificate and the associated private/public key pair, issue the clear security pki local-certificate certificate-id certificate-id-name command.
- To delete the local certificate request, issue the clear security pki certificate-request certificate-id certificate-id-name command.
- To clear the digital certificates that were used in IKE negotiations to establish IPSec tunnels, issue the clear services ipsec-vpn certificates command.
- To delete the certificate revocation list, issue the clear security pki crl ca-profile ca-profile-name command.
Related Topics
To see a full example showing the use of digital certificates in an IPSec topology, see Example: AS PIC IKE Dynamic SA with Digital Certificates Configuration. For more information about operational mode commands used with digital certificates, see the Junos System Basics and Services Command Reference. For more information about configuration statements used with digital certificates, see the Junos System Basics Configuration Guide and the Junos Services Interfaces Configuration Guide.
