Deleting a Certificate Version
Delete a certificate version that you don't need.
You can only delete a certificate version with a rotation state of deprecated. To have a deprecated version, you must also have a current version and a previous version. Unless you want to delete a certificate entirely, you must maintain at least one version of the certificate. When you delete a certificate version, the version isn't immediately deleted. By default, a certificate version is permanently deleted 30 days after you schedule it for deletion. At minimum, one day must elapse before the certificate version is permanently deleted.
Use the oci certs-mgmt certificate-version schedule-deletion command and required parameters to delete a certificate version:
oci certs-mgmt certificate-version schedule-deletion --certificate-id <certificate_OCID> --version-number <certificate_version_number>
For example:
oci certs-mgmt certificate-version schedule-deletion --certificate-id ocid1.certificate.oc1.<region>.<unique_ID> --version-number 2
For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.
Run the DeleteCertificateVersion operation to delete a certificate version.