10.3.3 Delete a Certificate from the NNMi Keystore
The NNMi keystore can hold only one certificate at a time. Before replacing or renewing a certificate on the NNMi management server, you must delete the existing certificate from the NNMi keystore.
To delete a certificate from the NNMi keystore:
-
Change to the directory on the NNMi management server that contains the nnm-key.p12 and nnm-trust.p12 files:
-
Windows: %NnmDataDir%shared\nnm\certificates
-
Linux: $NnmDataDir/shared/nnm/certificates
-
-
Save a backup copy of the nnm-key.p12 file.
-
Examine the contents of the keystore, and then note down the alias of the existing certificate:
-
Windows:
%NnmInstallDir%bin\nnmkeytool.ovpl -list -keystore nnm-key.p12 -storetype PKCS12 -storepass nnmkeypass
-
Linux:
$NnmInstallDir/bin/nnmkeytool.ovpl -list -keystore nnm-key.p12 -storetype PKCS12 -storepass nnmkeypass
-
-
Delete the existing certificate from keystore by running the following command:
-
Windows:
%NnmInstallDir%bin\nnmkeytool.ovpl -delete -keystore nnm-key.p12 -storetype PKCS12 -storepass nnmkeypass -alias <alias>
-
Linux:
$NnmInstallDir/bin/nnmkeytool.ovpl -delete -keystore nnm-key.p12 -storetype PKCS12 -storepass nnmkeypass -alias <alias>
- Note
-
The alias, referred to as <alias> in this example, identifies the existing certificate.
-
-
Restart NNMi by running the following commands:
- Note
-
Changes take effect only after restarting NNMi.
-
Windows:
%NnmInstallDir%bin\ovstop -c %NnmInstallDir%bin\ovstart -c
-
Linux:
$NnmInstallDir/bin/ovstop -c $NnmInstallDir/bin/ovstart -c