Skip to content Skip to site navigation

Delete a Cardinal Key on a Mac

For compliance, please remove multiple Cardinal Keys. Having multiple Cardinal Keys can result in the Cardinal Key failing to authenticate access to restricted resources such as Google Drive for some users. 

Cardinal Keys are partially removed when you remove your device from MyDevices. Your computer record is removed from MyDevices and, but the certificate remains on your device and needs to be removed manually. Please follow the steps below. If you do not plan on connecting your device to the Stanford network, then it is not necessary to remove the Cardinal Key certificate.

Before deleting a Cardinal Key, you can review the information in MyDevices to identify which Cardinal Key you want to delete. See View Your Cardinal Keys for instructions.

Before you begin, make sure you are logged in as the macOS user whose certificate you want to delete.

  1. Launch the Keychain Access app. Navigate to Applications Utilities > Keychain Access app.
  2. In the Keychains section click login and then in the Category section click My Certificates.

    window showing certificate for your login
  3. In the search field in the upper-right, enter sunetid/Enrollment where sunetid is the SUNet ID of the person whose certificate you want to delete.

    search for the certificate you want to delete
  4. Select the certificate you want to delete. Right-click on the certificate and then click Delete <certificate name>.
    Typically you'll want to delete all but the most recently installed certificate. To determine which is most recently installed, look at the date in the "Expires" column. This date is five years later than the date of installation.

    right-click the name of the certificate and then click delete
  5. When prompted to confirm that you want to delete the certificate, click Delete.

    Click Delete if you are sure you want to delete this certificate
Last modified September 24, 2020