You might want to remove a certificate so that it cannot be used (for example, if it has expired or has been compromised).

You can remove any certificate except the following:

  • You cannot delete a certificate that is currently in use by a sensor group.

  • You cannot delete the legacy certificate that is created during server installation.

Procedure

  1. Click Username > Settings.
  2. Click Server Certificates.
  3. Check that the certificate to delete does not have any sensors using it. If the certificate is not in use, click Actions > Delete for that certificate.
  4. In the confirmation dialog, click Delete.
    Caution: After you confirm the deletion of a server certificate, any sensors that were using the certificate can no longer communicate with the server. There is no Undo for this action. Although you cannot delete a certificate that is being used by a Sensor Group, it is possible that an offline sensor could miss a change of certificate for its group, and come back online configured to use a certificate that has been deleted.