Support Center > Search Results > SecureKnowledge Details
How to delete expired certificates from Internal CA (ICA) database Technical Level
Solution

You can clean the already expired certificates from the Internal CA database on the Management Server.

Follow the procedure described in the Security Management Server Administration Guide for your version - Chapter "The ICA Management Tool" > Section "CA Procedures" > Section "CA Cleanup":

To remove expired certificates manually:

  1. Make sure that the time configured on the Security Management Server is correct.
    See the Gaia Administration Guide for your version > Chapter "System Management" > Section "Time".
  2. In the ICA Management Tool > Menu pane, select Manage CRLs > Clean the CA's Database and CRLs from expired certificates.

Automatic removal of expired certificates in Management Server:

  • After each restart, all expired certificates are cleaned automatically.
  • In addition, an automatic cleaning operation is scheduled to set every 3 weeks, starting from:
    • The first time you turn on the Management Server.
    • Each restart you do on the Management Server.

Important - Automatic removal is available starting from:

Related Solutions:

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment