Delete SSH certificate issuance templates and SSH CA keys
If you no longer need a specific issuance template and its associated CA keys, you can delete them from the system.
This operation will not delete the CA pair used by the template.
To delete SSH certificate issuance templates
This procedure will not delete the CA key pair used by the template.
-
From the SSH Protect menu, click Configuration > Certificate Issuance Templates.
-
Select the check box next to the template(s) you want to delete.
-
Click Delete.
-
On the modal, confirm that you want to delete the CA issuance template.
To delete the SSH CA keys
WARNING! This is an irreversible operation. One a keypair is deleted, you cannot sign that certificate anymore, and any clients and hosts that use that certificate keypair will no longer be able to connect (unless there is another template that they match)
-
From the SSH Protect menu, click Configuration > Policy Tree.
-
Open the Certificate Authority tree.
-
Expand the Certificate Authority > SSH > Key Pairs folder.
-
Locate the keypair you want to delete, then right-click on it.
-
Click Delete.
-
On the modal confirm you want to delete the keypair.
Deleting the keypair does not delete the issuance template.