Deleting a CA client in SSL
You can delete the CAClient object from the security configuration if a connection to a certificate authority (CA) is no longer needed.
Before you begin
Procedure
Results
Note: When
you use the deleteCAClient AdminTask to delete the CA client, the
CA client cannot be deleted if a CA certificate that exists in the
keystore was obtained from the certificate authority and is still
referenced by the CA client. For example, when such CA certificate
still exists, the user receives the following message:
wsadmin>$AdminTask deleteCAClient {-caClientName myca} WASX7015E: Exception running command: "$AdminTask deleteCAClient {-caClientName myca}"; exception information: com.ibm.websphere.management.cmdframework.CommandValidationException: CWPKI0687E: The Certificate Authority (CA) client myca is still referenced by: [Certificate alias myca21 in key store CellDefaultKeyStore]. wsadmin>