Delete a personal certificate from a key repository

 

Use the following procedure to remove personal certificates:

  1. Start the iKeyman GUI using either the gsk7ikm command (on UNIX) or the strmqikm command (on Windows).

  2. From the Key Database File menu, click Open. The Open window displays.

  3. Click Key database type and select CMS (Certificate Management System).

  4. Click Browse to navigate to the directory that contains the key database files.

  5. Select the key database file to which you want to add the certificate, for example key.kdb.

  6. Click Open. The Password Prompt window is displayed.

  7. Type the password you set when you created the key database and click OK. The name of your key database file displays in the File Name field.

  8. In the Personal Certificates list, select the certificate you want to delete.

  9. If you do not already have a copy of the certificate and you want to save it, click Export/Import and export it (see Exporting a personal certificate from a key repository).

  10. With the certificate selected, click Delete. The Confirm window displays.

  11. Click Yes. The Personal Certificates field no longer shows the label of the certificate you deleted.

Use the following commands to delete a personal certificate using IKEYCMD or GSKCapiCmd:

where:

-db filename is the fully qualified file name of a CMS key database.
-pw password is the password for the CMS key database.
-label label is the label attached to the personal certificate.
-fips specifies that the command is run in FIPS mode. This mode disables the use of the BSafe cryptographic library. Only the ICC component is used and this component must be successfully initialized in FIPS mode. When in FIPS mode, the ICC component uses algorithms that have been FIPS 140-2 validated. If the ICC component does not initialize in FIPS mode, the gsk7capicmd command fails.

 

Parent topic:

Managing digital certificates


sy12370_