Zeroization
Certificate and key removal is discussed as part of the [no] form of each certificate installation command above; those [no] forms delete certificates and keys. The “Zeroize” command simply deletes (unlinks) key files. To perform full file system zeroization, follow it with the FIPS/Secure Mode commands.
The [no] form is supported only for the TA profile and the identity profile. It is not supported for local certificates. Zeroization erases keys and related PKI data, such as CSRs and TA profiles, from the file system.
Syntax
crypto pki zeroize
This command returns crypto pki configuration to the factory default state by deleting all certificates and related private keys. The Trust Anchor profile and switch identity profile configurations are also removed.
NOTE: The [no] form is not available for the certificate command. To remove a certificate from the switch, use the clear command.