How to Delete Certificates on a Palo Alto Networks Firewall
This document describes the steps to delete certificates on the Palo Alto Networks firewall via the WebGUI and CLI.
Note: Please make sure the certificate to be deleted is not currently in use, as it will not allow you to delete a certificate that is currently being used inside of the config.
On the WebGUI
- Go to Device > Certificate Management > Certificates
- Select the certificate to be deleted
- Click Delete at the bottom of the page, and then click Yes in the confirmation dialog
- Commit the configuration
On the CLI
- Run the following CLI commands to delete the web server certificate:
# delete deviceconfig system web-server-certificate
- To delete the shared ssl-decrypt certificates:
# delete shared ssl-decrypt <value>
forward-trust-certificate CA certificate for trusted sites
forward-untrust-certificate CA certificate for untrusted sites
root-ca-exclude-list List of predefined root CAs to not trust