Renewing Tps Agent And Administrator Certificates; Deleting Users - Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual

3. Click the Update button to save the new role settings.

14.5.5. Renewing TPS Agent and Administrator Certificates

Regenerating the certificate takes its original key and its original profile and request, and recreates an
identical key with a new validity period and expiration date.
The TPS has a default administrative user that was created at the time the subsystem was created. A
new certificate can be requested for this user when their original one expires, using one of the default
renewal profiles.
Certificates for administrative users can be renewed directly in the end user enrollment forms, using
the serial number of the original certificate.
1. Renew the user certificates through the CA's end users forms, as described in
"Certificate-Based
it).
Agent certificates can be renewed by using the certificate-based renewal form in the end entities
page, Self-renew user SSL client certificate. This form recognizes and updates the certificate
stored in the browser's certificate store directly.
TIP
It is also possible to renew the certificate using certutil, as described in
Section 4.7.3.2, "Renewing Certificates Using
certificate stored in a browser to initiate renewal, certutil uses an input file with the
original key.
2. Paste the new certificate into the admin user's entry, as described in
Users".

14.5.6. Deleting Users

WARNING
It is possible to delete the last user account, and the operation cannot be undone. Be very
careful about the user which is selected to be deleted.
1. List the users, and click the link to the user to delete.
Renewal". This must be the same CA as first issued the certificate (or a clone of
Renewing TPS Agent and Administrator Certificates
certutil". Rather than using the
Section 14.5.2, "Adding
Section 4.7.3.1.2,
353