You can delete the CAClient object from the security configuration
if a connection to a certificate authority (CA) is no longer needed.
Before you begin
You use the administrative console to delete a CA client.
Procedure
- Click Security > SSL certificate and key management.
- Click Certificate Authority (CA) client configurations.
A panel displaying the existing CA clients appears.
- Click the CA client name you want to delete.
- Click the Delete button.
Note: You can
also use the deleteAClient AdminTask to delete the CA client.
Results
The CA client is deleted from the configuration.
Note: When
you use the deleteCAClient AdminTask to delete the CA client, the
CA client cannot be deleted if a CA certificate that exists in the
keystore was obtained from the certificate authority and is still
referenced by the CA client. For example, when such CA certificate
still exists, the user receives the following message:
wsadmin>$AdminTask deleteCAClient {-caClientName myca}
WASX7015E: Exception running command:
"$AdminTask deleteCAClient {-caClientName myca}"; exception information:
com.ibm.websphere.management.cmdframework.CommandValidationException:
CWPKI0687E: The Certificate Authority (CA) client myca is still referenced by:
[Certificate alias myca21 in key store CellDefaultKeyStore].
wsadmin>