Removing a client certificate from the server keystore

Edit online

If a client certificate is no longer needed, for example, because a user no longer has a business need to access a specific Collector Server, remove the certificate from the server keystore.

Read syntax diagramSkip visual syntax diagram client_key_gen.sh1client_key_gen.bat2  -rm  -sdbserver_keystore_path  -ppassword  -clcertificate_label
Notes:
  • 1 On Linux® and UNIX systems
  • 2 On Windows

Parameters

-sdb server_keystore_path
Specifies the relative path with file name of the server keystore from which the client certificate is to be removed.
-p password
Specifies the password of the server keystore.
-cl certificate_label
Specifies the label of the client certificate that is to be removed.

Examples

The following example is based on the following assumptions:
  • You issue the command on Windows from the C: directory.
  • The fully qualified file name of the server keystore is
    C:\Users\iccsapadmin\AppData\Roaming\IBM\iccsap\instance1\security\server_clients\server\server.kdb.
  • The server keystore is encrypted with the password secure.
  • The label of the client certificate is clientcert_new.
client_key_gen.bat -rm -sdb Users\iccsapadmin\AppData\Roaming\IBM\iccsap\instance1\
security\server_clients\server\server.kdb -p secure -cl clientcert_new