Deletion Tasks

As part of the Deletion Process, Deletion Tasks use rules to determine whether to move older items into the Recycle Bin. Currently, there are two tasks. These settings appear in VCC. All of these settings appear in the POST RecycleBin/GetConfigurationresponse.

Deletion Tasks

Task Name

Values and example

CertificateAge|Days|Archived_only

Moves certificates based on age:

  • Days: Number of days, NOT years, since the certificate expired . Default is 3650. VCC setting: Delete certificates more, than [n] years ago.
  • Archived_only: (Optional)). Works in conjunction with Days. Keep the expired certificate. Only delete any older archived certificates. VCC setting: Delete only if certificate is archived (not most recent).

Example: CertificateAge|5

CertificateHistory|MaxItemsRemaining

Moves Secret Store vault information into the Recycle Bin:

  • MaxItemsRemaining: Required. Retain only the newest certificates and private keys in the history for each Certificate object. Default is 10. VCC setting: Retain only the [n] newest X.509 certificates.


Example: CertificateHistory|1

NOTE  There is a configuration that exists on all WebAdmin policy objects called Exclude from automatic deletion. When this setting is enabled, these objects will be ignored by the automatic deletion features of the Recycle Bin.