Deleting a certificate from a key repository on UNIX, Linux, and Windows systems

Use this procedure to remove personal or CA certificates.

Using iKeyman

If you need to manage SSL certificates in a way that is FIPS compliant, use the runmqakm command. iKeyman does not provide a FIPS-compliant option.

  1. Start the iKeyman GUI using the strmqikm command (on UNIX, Linux® and Windows systems).
  2. From the Key Database File menu, click Open. The Open window opens.
  3. Click Key database type and select CMS (Certificate Management System).
  4. Click Browse to navigate to the directory that contains the key database files.
  5. Select the key database file from which you want to delete the certificate, for example key.kdb.
  6. Click Open. The Password Prompt window opens.
  7. Type the password you set when you created the key database and click OK. The name of your key database file is displayed in the File Name field.
  8. From the drop down list, select Personal Certificates or Signer Certificates
  9. Select the certificate you want to delete.
  10. If you do not already have a copy of the certificate and you want to save it, click Export/Import and export it (see Exporting a personal certificate from a key repository).
  11. With the certificate selected, click Delete. The Confirm window opens.
  12. Click Yes. The Personal Certificates field no longer shows the label of the certificate you deleted.

Using the command line

Use the following commands to delete a certificate using iKeycmd or runmqakm:
  • On UNIX, Linux and Windows: 
    
runmqckm -cert -delete -db filename -pw password -label label
where: