Deleting a server certificate

You can delete a server certificate that is no longer required.

About this task

You cannot delete a server certificate that is marked for key serving or UI access. You can delete the certificate for EKMF Web if EKMF Web is not configured.

If you want to delete a certificate that is marked for key serving or UI access, select another certificate for key serving or UI access, and then retry the delete operation.

Procedure

  • Using graphical user interface
    1. Log in to the graphical user interface.
    2. Go to Advanced Configuration > System Certificates.
    3. In the Server Certificates table, select the certificate that you want to delete.
    4. Click Delete.
      A confirmation message is displayed.
    5. On the Confirm dialog, click OK.
      A confirmation message is displayed. Click Close.
  • Using REST interface
    1. Open the Swagger UI. For more information, see Using Swagger UI.
    2. Authenticate and authorize to access IBM Security Guardium Key Lifecycle Manager REST services. For more information, see Authentication process for REST services.
    3. Go to the System communication certificates management section.
    4. Run the Delete System Certificate REST Service.
      For example, you can send the following HTTP request.
      DELETE https://localhost:port/SKLM/rest/v1/system/certificates/periotic1_gui?usageSubtype=EKMF_TLS