
I’ve revoked a certificate, how can I remove it?

You can’t.

Certificates that have been issued and/or revoked cannot be removed with Bright Cluster Manager. Even if you were able to remove them on the server side, they would still be usable by any client that has a copy of the certificates. For this reason, it is considered bad practice in a public key infrastructure (PKI) not to keep records of all certificates that have ever been issued. This is why Bright Cluster Manager does not allow removal of these records.

That said, in some rare cases, if you really know what you are doing and fully understand the security implications, it is possible to remove the revoked certificates from the CMDaemon database. Here is how (treat with care!):

bash> service cmd stop
bash> mysql -u$(grep DBUser /cm/local/apps/cmd/etc/cmd.conf | gawk '{print $3}' \
  | sed 's#\"##g') -p$(grep DBPass /cm/local/apps/cmd/etc/cmd.conf \
  | gawk '{print $3}' | sed 's#\"##g') cmdaemon
mysql> delete from Certificates where revoked = 1;
bash> service cmd start
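
Because a PKI should keep a record of every certificate it has issued, the revoked rows can be archived before the DELETE above. The following is an added example, not Bright Cluster Manager's own tooling: it assumes cmd.conf lines of the form `DBUser = "name"` (as the pipeline above implies), that mysqldump is installed, and a hypothetical archive directory.

```shell
#!/usr/bin/env bash
# Added example: archive revoked certificate rows before deleting them.
# Assumptions: cmd.conf holds lines like  DBUser = "name"  and mysqldump
# is installed. The archive directory is chosen by the administrator.

# Print the unquoted value of KEY from a cmd.conf-style file.
conf_value() {   # usage: conf_value KEY FILE
    awk -v key="$1" '$1 == key { gsub(/"/, "", $3); print $3; exit }' "$2"
}

# Write a MySQL client option file readable only by its owner, so the
# password never appears on a command line or in the process list.
write_client_cnf() {   # usage: write_client_cnf CONF OUTFILE
    local user pass
    user=$(conf_value DBUser "$1")
    pass=$(conf_value DBPass "$1")
    if [ -z "$user" ] || [ -z "$pass" ]; then
        echo "DBUser/DBPass not found in $1" >&2
        return 1
    fi
    ( umask 077
      printf '[client]\nuser=%s\npassword="%s"\n' "$user" "$pass" > "$2" )
}

# Dump only the revoked rows of the Certificates table to a dated SQL
# file and print its path; remove partial output on failure.
archive_revoked() {   # usage: archive_revoked CONF ARCHIVE_DIR
    local cnf out
    cnf=$(mktemp) || return 1
    out="$2/revoked-certificates-$(date +%Y%m%d-%H%M%S).sql"
    if write_client_cnf "$1" "$cnf" &&
       mysqldump --defaults-extra-file="$cnf" --no-create-info \
           --where='revoked = 1' cmdaemon Certificates > "$out"; then
        rm -f "$cnf"
        echo "$out"
    else
        rm -f "$cnf" "$out"
        return 1
    fi
}

# Run after "service cmd stop" and before the DELETE, for example:
#   archive_revoked /cm/local/apps/cmd/etc/cmd.conf /root/cert-archive
```

Store the resulting SQL file with the same access restrictions as the CMDaemon database itself.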

Updated on May 19, 2020
