---
title: Retiring the previous certificate
description: Retire the previous certificate by removing it from the topology registry after it expires.
component: pingauthorize
version: 11.0
page_id: pingauthorize:pingauthorize_server_administration_guide:paz_retire_prev_cert
canonical_url: https://docs.pingidentity.com/pingauthorize/11.0/pingauthorize_server_administration_guide/paz_retire_prev_cert.html
revdate: July 29, 2022
section_ids:
  steps: Steps
---

# Retiring the previous certificate

Retire the previous certificate by removing it from the topology registry after it expires.

## Steps

* Remove the previous certificate from the topology registry, as shown in the following example.

  ```shell
  $ dsconfig -n set-server-instance-listener-prop \
    --instance-name  <instance-name>  \
    --listener-name ldap-listener-mirrored-config \
    --set "listener-certificate<new-server-cert.crt"
  ```