z/OS Security Server RACF Security Administrator's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Examples of deleting digital certificates

z/OS Security Server RACF Security Administrator's Guide
SA23-2289-00

To delete user certificates, CA certificates and site certificates, use the RACDCERT DELETE command. For user certificates, you must uniquely identify the certificate you want deleted. Therefore, if the user has more than one certificate, you must provide either:
  • LABEL, or
  • SERIALNUMBER and ISSUERSDN
The RACDCERT command uses the DELETE operand in the following forms:
DELETE(LABEL('label-name'))
DELETE(SERIALNUMBER(serial-number) ISSUERSDN('issuer's-dn') )

When you delete a certificate that is connected to a key ring, the certificate is automatically removed from the key ring.

Because PKCS #11 tokens are managed by ICSF, not RACF®, when you delete a certificate that is bound in a token, the equivalent certificate object in the token is unchanged.

For detailed syntax and usage information, see z/OS Security Server RACF Command Language Reference.

Parent topic: Using the RACDCERT command to administer certificates

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014