The APM CE (CEM) Setup option for HTTPS Settings allows only uploading a new SSL private key or the deletion of all keys. There is the option to replace but not delete an individual private key. This article provides a workaround for this situation.
1. An individual key can be manually deleted from the TIM_INSTALL_PATH/config/webservers directory. However, this change will not be reflected immediately on the "TIM SSL Servers" page because the TIM process does not check for changes to that directory until it is restarted. Note that this approach is also useful for migrations and upgrades.
2. In contrast, using the key creation or "delete all keys" options on the HTTPS Settings page forces the TIM process to update the TIM_INSTALL_PATH/config/webservers directory dynamically with the new files.The TIM process updates the SSL Groups and sslinterface network handlers as required and does not need to be restarted.