The pkgadm command can be used to delete trusted certificates and private keys from the package keystore.
When you delete user certificates, the alias of the certificate/key pair must be specified. For example:
$ pkgadm removecert -n myname |
The alias of the certificate is the common name of the certificate, which can be identified using the pkgadm listcert command. For example, this command deletes a trusted certificate entitled Trusted CA Cert 1:
$ pkgadm removecert -n "Trusted CA Cert 1" |
If you have both a trusted certificate and a user certificate stored using the same alias, they are both deleted when you specify the -n option.