Caution: Once you delete a certificate/private key pair, it cannot be recovered unless it has previously been stored somewhere else (another key database file, z/OS PKCS #11 token, a PKCS #12 file for certificate/private key pairs, or a DER-encoded or Base64-encoded file for certificates). Be sure that you no longer require the certificate (and private key if one is associated with the certificate) before you remove it.

From the Key Management Menu or Token Management Menu, select 1 - Manage keys and certificates to display the Key and Certificate List or Token Key and Certificate List respectively. Find the label of the certificate and key to be deleted and enter the number associated with the label. From the Key and Certificate Menu or Token Key and Certificate Menu choose 8 to delete the certificate and key.

Enter 1 to confirm the deletion of the certificate and key. A message appears, confirming that the record has been deleted. Once the certificate has been deleted, it can no longer be used for identification or verification purposes by the System SSL APIs during SSL handshake processing.