Remove Keys and Certificates on Fabric IPsec Gateway VM
Before you begin
You can remove subject certificates from the certificate authority (CA) trustpoint only if the subject-label is not configured on an IPsec tunnel.
About this task
Use this procedure to remove keys or certificates from the certificate store.
Procedure
Variable Definitions
The following table defines parameters for the certificate remove command.
Variable |
Value |
---|---|
key <key-label> |
Specifies the key name to remove. |
offline-cacert <filename> |
Specifies the certificate filename to remove. |
offline-crl <filename> |
Specifies the Certificate Revocation List (CRL) certificate filename to remove. |
offline-subject-certs <subject-label> |
Specifies the subject label for which to remove signed certificates. |
The following table defines parameters for the certificate ca command.
Variable |
Value |
---|---|
<ca-trustpoint> |
Specifies the name of the certificate authority. The name can be alphanumeric and is case-sensitive. The maximum length is 45 characters. |
<subject-label> |
Specifies the subject identity. |