Usage Scenario
Before applying for a certificate, run the rsa pki local-key-pair create command to create a public and private key pair. The user keeps the private key; the public key and other information are sent to a CA for signature, and the CA returns a certificate.
If a user's key is disclosed, run the rsa pki local-key-pair destroy command to delete the original key pair. If a local certificate exists, delete it before generating a new key pair. This ensures that the key pair matches the local certificate. If a key pair already exists, the newly created key pair overwrites the original one. Updating the key every 90 days is recommended.
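
The requirement that the key pair match the local certificate can be checked off the device. The script below is an added example, not part of the original documentation or the vendor's tooling; it assumes the certificate and key are available as PEM files on a workstation with the openssl tool, and every file name and the subject name in it are constructed.

```shell
#!/bin/sh
# Added example (not device CLI): off-box check that a certificate was issued
# for a given RSA key pair. Requires the openssl command-line tool.

# Print the SHA-256 digest of the DER-encoded public key read from PEM on stdin.
spki_digest() {
    openssl pkey -pubin -outform DER 2>/dev/null | openssl dgst -sha256 -r | cut -d' ' -f1
}

# Digest of the public half of a private key file (PEM).
key_spki_digest() {
    kpub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    [ -n "$kpub" ] || return 1
    printf '%s\n' "$kpub" | spki_digest
}

# Digest of the public key embedded in a certificate file (PEM).
cert_spki_digest() {
    cpub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$cpub" ] || return 1
    printf '%s\n' "$cpub" | spki_digest
}

# cert_matches_key CERT KEY: 0 = match, 1 = mismatch, 2 = unreadable input.
cert_matches_key() {
    cdig=$(cert_spki_digest "$1") || return 2
    kdig=$(key_spki_digest "$2") || return 2
    [ "$cdig" = "$kdig" ]
}

# Constructed scenario: a certificate issued for the old key is left in place
# while a new key pair is generated. The self-signed certificate stands in for
# a CA-issued one. Returns 0 when the stale certificate is detected.
rekey_demo() {
    tmp=$(mktemp -d) || return 2
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$tmp/old.key" 2>/dev/null
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$tmp/new.key" 2>/dev/null
    openssl req -x509 -new -key "$tmp/old.key" -subj "/CN=constructed-device" \
        -days 90 -out "$tmp/old.crt" 2>/dev/null
    rc=1
    if cert_matches_key "$tmp/old.crt" "$tmp/old.key" &&
       ! cert_matches_key "$tmp/old.crt" "$tmp/new.key"; then rc=0; fi
    rm -rf "$tmp"
    return "$rc"
}

rekey_demo && echo "stale certificate no longer matches the new key pair"
```

A non-zero result from cert_matches_key after re-keying means the certificate on hand was issued for the previous key pair and has to be deleted and reissued.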