Jump to content
Welcome to our new Citrix community!

Unable to delete Server Certificate on Citrix ADC

Recommended Posts

Hi, I try to delete a Server Certificate. If I try to delete the Certificate I get the following Error:


Certificate is referenced by a CRL, OCSP responder, vserver, service, monitor, SSL profile, CA Cert Group, another certificate, or a policy expression using XML_ENCRYPT() or XML_DECRYPT()


No I check where the Certificate is bind to and I get that result:


sho ssl certkey "Lets-EncyptWildcardCert" | grep -i "name:"                                                                      


Name: Lets-EncyptWildcardCert           Status: Valid,   Days to expiration:7
        1)      VServer name: _XD_*********_443      Server Certificate
        2)      VServer name: *********_XM_XenMobileGateway   Server Certificate  


Ok the I try that:


unbind ssl vserver "_XD_*********_443" -certkeyName "Lets-EncyptWildcardCert"


and get this Error:


ERROR: Certificate binding does not exist

Than I check the Bindings to that VSERVER:


 sho ssl vserver "_*********_443" | grep -i certkey


and I get this:

1)      CertKey Name: CR_Wildcard-30-07-20      Server Certificate


So any one a Idea why it show a Binding to the Certificate, if I check the Certificate, but If I check the VServer bindings is no longer exist?




Link to comment
Share on other sites

Also not working...


unbind ssl vserver "_XD_*********_443" -certkeyName Lets-EncyptWildcardCert

ERROR: Certificate binding does not exist


Is not a Problem of miss writing of the commands...may be is a bug that the Certificates Bindings not successfull removed from the Certificate but from the VServer.



Link to comment
Share on other sites

show run | grep Lets-EncyptWildcardCert


did not show any bindings:


add ssl certKey Lets-EncyptWildcardCert_ic1 -cert Letsencypt-Wildcard_ic1
add ssl certKey Lets-EncyptWildcardCert -cert Wildcard_10-2019-********.pfx -key Wildcard_10-2019-********.pfx -inform PFX -passcrypt *************** -encrypted -encryptmethod ENCMTHD_3 -expiryMonitor DISABLED


If I check the GUI for the Certificates it show the same Bindings like in the CLI

2019-09-23 10_13_57-app (5) - portal.sc-proservia.de_443 - Remote Desktop Connection.png

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...