Deleting a Certificate

Delete a certificate when you no longer need it.

You can only delete a certificate version with the rotation state of deprecated. You can only have a deprecated certificate version when you also have a current version. Unless you want to delete a certificate entirely, you must maintain at least one version of the certificate. Furthermore, the certificate can't have any associations. You must delete all associations before you can delete the certificate.

When you delete a certificate, the certificate isn't immediately deleted. By default, a certificate is permanently deleted 30 days after you schedule it for deletion. At minimum, one day must elapse before the certificate is permanently deleted. Certificates pending deletion count against their own service limits and are subject to restrictions on the reuse of a certificate display name.

    1. Open the navigation menu and click Identity & Security.
    2. Under Certificates, click Certificates.
    3. From the list of certificates in the compartment, click the name of the certificate that you want to delete.

      To find a certificate in a different compartment, under List scope, choose a different compartment.

    4. Click Delete.
    5. Confirm the deletion by entering the certificate name exactly as it appears.
    6. Click Select deletion date, and then choose the date when you want to delete the certificate permanently.
    7. Click Delete Certificate.
  • Use the oci certs-mgmt certificate schedule-deletion command and required parameters to schedule a certificate for deletion:

    Note

    If you do not indicate when to delete the certificate, by default, a certificate is automatically scheduled for deletion in 30 days.
    oci certs-mgmt certificate schedule-deletion --certificate-id <certificate_OCID> --time-of-deletion <RFC_3339_timestamp>

    For example:

    oci certs-mgmt certificate schedule-deletion --certificate-id ocid1.certificate.oc1.<region>.<unique_ID> --time-of-deletion 2022-01-01T00:00:00+00:00

    For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.

  • Run the ScheduleCertificateDeletion operation to schedule the deletion of a certificate.