Skip to main content

Documentation Index

Fetch the complete documentation index at: https://infisical.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

Automatically remove expired certificates from your Certificate Manager. Cleanup runs daily and deletes certificates that have been expired for a configurable number of days.
This setting is managed by product admins and applies to all certificates in the Certificate Manager.

Configure Certificate Cleanup

1

Navigate to settings

Go to Certificate Manager → Settings → Certificate Cleanup.
2

Enable cleanup

Toggle Enable to turn on automatic cleanup.
3

Set retention period

Configure Delete certificates N days after expiration:
ValueBehavior
3Certificates are deleted 3 days after expiration
7Certificates are deleted 7 days after expiration
30Certificates are deleted 30 days after expiration
Values must be between 1 and 30 days.
4

Configure options

OptionDescription
Skip Certificates with Active SyncsDon’t delete certificates that are synced to external services (AWS ACM, Azure Key Vault, etc.)
Deleting synced certificates can break integrations. Enable this option if you use certificate syncs.

Monitoring Cleanup

After the cleanup job runs, the settings page displays:
FieldDescription
StatusWhether the last run succeeded or failed
Last RunDate and time of the last execution
Certificates RemovedNumber of certificates deleted

Permissions

Only Product Admins can configure certificate cleanup settings.

What’s Next?

Certificate Policies

Define constraints for certificates.

Certificate Profiles

Create profiles that link CAs with policies.

Managing Certificates

View and manage certificates in Applications.

Certificate Syncs

Push certificates to cloud destinations.