Delete Trusted Certificate

1	Introduction
1.1	Prerequisites
2	Procedure

1 Introduction

This document describes how to delete a trusted certificate.

1.1 Prerequisites

This section describes the prerequisites, which must be fulfilled before using the procedure.

1.1.1 Conditions

The following conditions must apply:

The user has the System Security Administrator role.
The trusted certificate identity is known.
The trusted certificate is not reserved by any trust category or is not the only certificate reserved by a trust category.
An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress

2 Procedure

To delete a trusted certificate:

Navigate to the trusted certificate to be deleted, for example:
>dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,CertM=1,TrustedCertificate=1
Show the trust category it is associated to:
(TrustedCertificate=1)>show reservedByCategory

The following is an example output:
ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,⇒ CertM=1,TrustCategory=aurora
Navigate to the TrustCategory Managed Object (MO) referred by attribute reservedByCategory, for example:
(TrustedCertificate=1)>dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,CertM=1,TrustCategory=aurora
Enter Config mode:
(TrustCategory=aurora)>configure
Remove all references from the TrustCategory MOs to the TrustedCertificate MO to be deleted, for example:
(Config-TrustCategory=aurora)>no trustedCertificates="ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,CertM=1,TrustedCertificate=1"
Commit the change:
(Config-TrustCategory=aurora)>commit
Navigate to the CertM MO, for example:
(TrustCategory=aurora)>dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,CertM=1
Enter Config mode:
(CertM=1>)>configure
Delete the trusted certificate, for example:
(Config-CertM=1)>removeTrustedCert "ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,CertM=1,TrustedCertificate=1"

The system returns output true or false.

All resources belonging to the targeted trusted certificate are deleted.
Commit the change:
(Config-CertM=1)>commit

Verify the deletion by checking attribute trustedCertificateId:

(CertM=1)>show -v

The following is an example output:

CertM=1
   certMId="1"
   localFileStorePath="certificates" <read-only>
   userLabel="Certificate Management"
   reportProgress <read-only>
      actionId=0 <read-only>
      actionName="removeTrustedCert" <read-only>
      additionalInfo
         "" <read-only>
      progressInfo="" <read-only>
      progressPercentage=100 <read-only>
      result=SUCCESS <read-only>
      resultInfo="the TrustedCertificate instance removed" <read-only>
      state=FINISHED <read-only>
      timeActionCompleted="2014-03-07T11:42:17Z" <read-only>
      timeActionStarted="2014-03-07T11:42:17Z" <read-only>
      timeOfLastStatusUpdate="2014-03-07T11:42:17Z" <read-only>
   CertMCapabilities=1
   EnrollmentAuthority=1
   EnrollmentServerGroup=1
   NodeCredential=1
   NodeCredential=2
   TrustCategory=aurora
   TrustedCertificate=2