delete ca-certificate
To delete certificate authority certificates, use the delete ca-certificate command.
delete ca-certificate
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
Trustpoint configuration
Command History
ModificationRelease
This command was introduced.4.1(2)
Usage Guidelines
This command deletes the CA certificate or certificate chain corresponding to the trustpoint CA. As a result,
the trustpoint CA is no longer trusted. If there is an identity certificate form the CA, you must delete it before
you can delete the CA certificate. This prevents the accidental deletion of a CA certificate when you have not
yet deleted the identity certificate obtained from that CA. Deleting the CA certificate may be necessary when
you no longer want to trust the CA because the CA is compromised or the CA certificate has expired.
The trustpoint configuration, certificates, and key pair configurations are persistent only after saving to the
startup configuration. Deletions become persistent only after you save the running configuration to the startup
configuration.
Enter the copy running-config startup-config command to make the certificate and key pair deletions
persistent.
This command does not require a license.
Examples
This example shows how to delete a certificate authority certificate:
switch# configure terminal
switch(config)# crypto ca trustpoint admin-ca
switch(config-trustpoint)# delete ca-certificate
Related Commands
DescriptionCommand
Deletes the identity certificate.delete certificate
Deletes the CRL from the trustpoint.delete crl
Cisco Nexus 7000 Series Security Command Reference
220
D Commands
delete ca-certificate
To Next Page
Loading...
