Delete System Certificate REST Service
Use the Delete System Certificate REST Service to delete a system certificate or its usage type from the IBM® Security Guardium® Key Lifecycle Manager server that is no longer in use. You cannot delete a certificate that is marked for UI access or key serving. You can delete the certificate for EKMF Web if EKMF Web is not configured.
- Operation
DELETE
- URL
- https://host:port/SKLM/rest/v1/system/certificates/{alias}
By default, Guardium Key Lifecycle Manager server listens to the secure port 9443 (HTTPS) for communication. During IBM Security Guardium Key Lifecycle Manager installation, you can modify this default port.
Request
Request Parameters
Parameter | Description |
---|---|
host | Specify the IP address or hostname of the IBM Security Guardium Key Lifecycle Manager server. |
port | Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests. |
Request Headers
Header name | Value |
---|---|
Content-Type | application/json |
Accept | application/json |
Authorization | SKLMAuth userAuthId=<authIdValue> |
Accept-Language | Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example, en or de. |
Request body
JSON object with the following specification:
JSON property name | Description |
---|---|
alias |
Specify the alias of the certificate that is to be deleted. Important: Ensure that the certificate is not currently in use.
|
usageSubtype | Specify the usage type of the certificate. You can specify multiple usage
types in comma-separated format. You cannot delete a certificate that is marked for UI access or key
serving. Note: If you specify only the usageSubtype parameter, and not the
certificate alias, the usageSubtype is deleted.
|
Response
Response Headers
Header name | Value and description |
---|---|
Status Code |
|
Content-Type | application/json |
Content-Language | Locale for the response message. |
Success response body
JSON object with the following specification:
JSON property name | Description |
---|---|
code | Returns the code that is specified by the status property. |
status | Returns the status to indicate whether the certificate is deleted. |
Error Response Body
JSON object with the following specification.
JSON property name | Description |
---|---|
code | Returns the application error code. |
message | Returns a message that describes the error. |
Examples
- Service request to delete a certificate
-
DELETE https://localhost:port/SKLM/rest/v1/system/certificates/periotic1_gui?usageSubtype=EKMF_TLS
- Invalid service request when the certificate is in use
-
DELETE https://localhost:port/SKLM/rest/v1/system/certificates/server_cert2