It is possible to remove individual subsystem instances or to uninstall all packages associated with an entire subsystem. Instances and subsystems are installed and uninstalled individually. For example, it is possible to uninstall a DRM subsystem while leaving an installed and configured CA subsystem. It is also possible to remove a single CA instance while leaving other CA instances on the machine.
Removing an instance requires specifying the instance directory and the instance name. This command removes all files associated with the instance (without removing the subsystem packages).
pkiremove -pki_instance_root=pki_instance_root-pki_instance_name=pki_instance_ID-token_pwd=password-force
The pki_instance_root is the directory path of the instance, such as
/var/lib/instance_name. The pki_instance_name is the instance name, such as pki-ca. The password is the password used to access the NSS database for the instance being removed. If the password isn't given with the command, then the script assumes that it is in the password.conf file; otherwise, the script prompts for the password.
TIP
Use
-force with pkiremove to remove the instance without prompting for confirmation.
Example 13.1. Removing a CA Instance
pkiremove -pki_instance_root=/var/lib -pki_instance_name=pki-ca1 -force -token_pwd=secret PKI instance Deletion Utility ... PKI instance Deletion Utility cleaning up instance ... Stopping pki-ca1: process already stopped Removing dir /var/lib/pki-ca1 Removing file /var/log/pki-ca1-install.log Removing file /etc/init.d/pki-ca1 Removing file /usr/share/applications/pki-ca1-config.desktop Removing file /usr/bin/dtomcat5-pki-ca1
pkiremove removes the instance and any related files, such as the certificate databases, certificates, keys, and associated users. It does not uninstall the subsystem packages.