2.10. Uninstalling Certificate System Subsystems

2.10. Uninstalling Certificate System Subsystems

It is possible to remove individual subsystem instances or to uninstall all packages associated with an entire subsystem. Instances and subsystems are installed and uninstalled individually. For example, it is possible to uninstall a DRM subsystem while leaving an installed and configured CA subsystem. It is also possible to remove a single CA instance while leaving other CA instances on the machine.

2.10.1. Removing a Subsystem Instance

To remove a subsystem instance, run the following command:

pkiremove -pki_instance_root=pki_instance_root
 -pki_instance_name=pki_instance_ID -force

The pki_instance_root is the directory path of the instance, such as /var/lib. The pki_instance_name is the instance name, such as rhpki-ca. force automatically answers yes to all uninstallation questions without prompting the user.

pkiremove -pki_instance_root=/var/lib
 -pki_instance_name=rhpki-ca1 -force

PKI instance Deletion Utility ...

PKI instance Deletion Utility cleaning up instance ...

Stopping rhpki-ca1:
process already stopped

Removing dir /var/lib/rhpki-ca1
Removing file /var/log/rhpki-ca1-install.log
Removing file /etc/init.d/rhpki-ca1
Removing file /usr/share/applications/rhpki-ca1-config.desktop
Removing file /usr/bin/dtomcat5-rhpki-ca1

Example 2.4. Removing a CA Instance

pkiremove removes the instance and any related files, such as the certificate databases, certificates, keys, and associated users. It does not uninstall the subsystem.

2.10.2. Removing Certificate System Subsystems

To uninstall an individual Certificate System subsystem, do the following:

  1. Remove all the associated subsystem instances using pkiremove. For example:

    pkiremove -pki_instance_root=/var/lib
 -pki_instance_name=rhpki-ca -force

  2. Run the uninstall utility. rhpki-uninstall is one of the tools included in the rhpki-manage package. For example:

    rhpki-uninstall -pki_subsystem=ca -force

    The subsystem type can be ca, drm, esc, ocsp, tks, tps, or all. This command is used to uninstall the Certificate System servers as well as the Enterprise Security Client.

  3. If all of the Certificate System subsystems on the machine have been uninstalled, remove the Certificate System uninstall utility; this means removing the rhpki-manage package.

    rpm -ev rhpki-manage