How to remove certificate from Store cleanly
You could try the X509Store
and releated classes in the .Net Framework to delete a certificate from the certificate store. The following code example deletes a certificate from the current user's My store:
// Use other store locations if your certificate is not in the current user store.X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);store.Open(OpenFlags.ReadWrite | OpenFlags.IncludeArchived);// You could also use a more specific find type such as X509FindType.FindByThumbprintX509Certificate2Collection col = store.Certificates.Find(X509FindType.FindBySubjectName, "yoursubjectname", false);foreach (var cert in col){ Console.Out.WriteLine(cert.SubjectName.Name); // Remove the certificate store.Remove(cert); }store.Close();
BEGIN EDIT:Based on the comments in the comment section I've updated my answer with a code sample showing how to remove a certificate and all certificates in the chain:
X509Certificate2Collection col = store.Certificates.Find(X509FindType.FindBySubjectName, "yoursubjectname", false); X509Chain ch = new X509Chain(); ch.Build(col[0]); X509Certificate2Collection allCertsInChain = new X509Certificate2Collection(); foreach (X509ChainElement el in ch.ChainElements) { allCertsInChain.Add(el.Certificate); } store.RemoveRange(allCertsInChain);
END EDIT
Hope, this helps.
Old thread, but I just followed the linked post below using Win 7 and it worked nicely... Uses the Management Console.
- Start -> Run -> mmc.exe
- Click File -> "Add/Remove Snap-in"
- Select Certificates, click Add
- Select "Computer account", click Next.
- Select "Local computer", click Finish
- Click OK, which should bring you back to the MMC
- In left pane, expand Certificates (Local Computer)
- Do what you will with the listed certificates...
Source:http://windowssecrets.com/top-story/certificate-cleanup-for-most-personal-computers/
You can try certmgr.exe. The following command removes a certificate with a cn of 'commoncertname ' from the local user personal\certificates store.
.\certmgr.exe -del -n commoncertname -c -s -r currentuser my
You can find more information about certmgr.exe here: http://msdn.microsoft.com/en-us/library/windows/desktop/aa376553%28v=vs.85%29.aspx
UPDATE
Duh! I can't believe I didn't try this! You can remove certificates with the following:
Get-ChildItem Cert:\CurrentUser\My | Where-Object {$_.Subject -eq 'CN=certCN'} | Remove-Item