Delete Certificate
The Delete Certificate
operation deletes the identified certificate.
This operation is supported using the BCPii interface. [Added by feature
secure-boot-with-certificates]
HTTP method and URI
DELETE
/api/certificates/{certificate-id}
In this request, the URI variable {certificate-id} is the object ID of the Certificate object to be deleted.
Description
This operation deletes the specified certificate. Upon success, an Inventory Change notification is emitted asynchronously to this operation.
If this operation changes the value of any property for which property-change notifications are due, those notifications are issued asynchronously to this operation.
A 404 (Not Found) status code is returned if the request URI does not designate an existing Certificate object, or if the API user does not have object-access permission to the object. If the API user doesn’t have action/task permission to the Import Secure Boot Certificates task, 403 (Forbidden) status code is returned. If the Certificate object is currently assigned, a 409 (Conflict) status code is returned. A 503 (Service Unavailable) status code is returned if the Console is not communicating with the CPC.
Authorization requirements
This operation has the following authorization requirements:
- Object-access permission to the certificate object whose object-id is {certificate-id}.
- Action/task permission to the Import Secure Boot Certificates task.
- The source partition must have receive BCPii security controls permissions for the CPC object designated by target-name property that accompanies the request.
HTTP status and reason codes
On success, HTTP status code 204 (No Content) is returned and no response body is provided.
The following HTTP status codes are returned for the indicated errors, and the response body is a standard error response body providing the reason code indicated and associated error message.
HTTP error status code | Reason code | Description |
---|---|---|
403 (Forbidden) | 0 | The request used the BCPii interface and the source CPC object does not have receive BCPii security controls permission. |
1 | The user under which the API request was authenticated does not have the required authority to perform the requested action. | |
404 (Not Found) | 1 | The object ID in the URI ({certificate-id}) does not designate an existing Certificate object, or the API user does not have object-access permission to the object. |
409 (Conflict) | 373 | The operation cannot be performed because the certificate is currently assigned. |
503 (Service Unavailable) | 1 | The request could not be processed because the HMC is not currently communicating with an SE needed to perform the requested operation. |
Additional standard status and reason codes can be returned, as described in Invoking API operations.