Forum Discussion
Anush
Nimbostratus
NimbostratusHow to delete Orphan certs and keys
we have around 1000 orphan certs and keys to delete. I understood that if I used "delete system crypto", it will left system file as it in bigconf.config file so better to use GUI. but deleting these...
Samir_Jha_52506
Noctilucent
Noctilucentyou can generate expired list of SSL certificate & delete manually or through script. will popup error if it is in used.
https://devcentral.f5.com/questions/find-unused-ssl-certificates
delete sys crypto key web.test.com.crt
delete /sys crypto key web.test.com.crt
AnushNimbostratus
NimbostratusI just tried on one of our test box and yes that is correct that if you use "delete crypto" command, bigip.conf file still showing you it's there but if you use by GUI, it will get deleted from .conf file too. my problem is, deleting around 1000 certs/keys using GUI is not convenient so trying to find command or any other way which can clean up .conf file too.
Thanks
