Jump to content
Welcome to our new Citrix community!

Unable to delete Server Certificate on Citrix ADC


Recommended Posts

Hi, I try to delete a Server Certificate. If I try to delete the Certificate I get the following Error:

 

Certificate is referenced by a CRL, OCSP responder, vserver, service, monitor, SSL profile, CA Cert Group, another certificate, or a policy expression using XML_ENCRYPT() or XML_DECRYPT()

 

No I check where the Certificate is bind to and I get that result:

 

sho ssl certkey "Lets-EncyptWildcardCert" | grep -i "name:"                                                                      

 

Name: Lets-EncyptWildcardCert           Status: Valid,   Days to expiration:7
        1)      VServer name: _XD_*********_443      Server Certificate
        2)      VServer name: *********_XM_XenMobileGateway   Server Certificate  

 

Ok the I try that:

 

unbind ssl vserver "_XD_*********_443" -certkeyName "Lets-EncyptWildcardCert"

 

and get this Error:

 

ERROR: Certificate binding does not exist
 

Than I check the Bindings to that VSERVER:

 

 sho ssl vserver "_*********_443" | grep -i certkey

 

and I get this:


1)      CertKey Name: CR_Wildcard-30-07-20      Server Certificate

 

So any one a Idea why it show a Binding to the Certificate, if I check the Certificate, but If I check the VServer bindings is no longer exist?

 

Regards

Markus

Link to comment
Share on other sites

Also not working...

 

unbind ssl vserver "_XD_*********_443" -certkeyName Lets-EncyptWildcardCert

ERROR: Certificate binding does not exist

 

Is not a Problem of miss writing of the commands...may be is a bug that the Certificates Bindings not successfull removed from the Certificate but from the VServer.

 

 

Link to comment
Share on other sites

show run | grep Lets-EncyptWildcardCert

 

did not show any bindings:

 

add ssl certKey Lets-EncyptWildcardCert_ic1 -cert Letsencypt-Wildcard_ic1
add ssl certKey Lets-EncyptWildcardCert -cert Wildcard_10-2019-********.pfx -key Wildcard_10-2019-********.pfx -inform PFX -passcrypt *************** -encrypted -encryptmethod ENCMTHD_3 -expiryMonitor DISABLED

 

If I check the GUI for the Certificates it show the same Bindings like in the CLI

2019-09-23 10_13_57-app (5) - portal.sc-proservia.de_443 - Remote Desktop Connection.png

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...