Is there a way to remove/ uninstall a self signed certificate from my store using powershell ?
I tried
Remove-Item cert:\LocalMachine\My\$thumb
it did not work, I got an exception saying "Provider does not support this operation"
I also tried
 certmgr.msc /del /n "MyTestServer" /s MY
it did not work either
How can I uninstall certificate from store ??
Thanks in advance Jeez
Press Windows Key + R Key together, type certmgr. msc, and hit enter. You will get a new window with the list of Certificates installed on your computer. Locate the certificate you want to delete and then click on the Action button then, click on Delete.
This certificate store is located in the registry under the HKEY_LOCAL_MACHINE root. This type of certificate store is local to a user account on the computer. This certificate store is located in the registry under the HKEY_CURRENT_USER root.
Remove custom certificatesOpen your phone's Settings app. Encryption & credentials. Under "Credential storage": To clear all certificates: Tap Clear credentials.
With PS 3.0 there is a more concise and idiomatic approach:
Remove-Item -Path cert:\LocalMachine\My\{Thumbprint} -DeleteKey
See TechNet for all the details.
With PS 3.0, if you want to remove by subjectName
Get-ChildItem -Path Cert:\CurrentUser\My | where { $_.subject -eq "CN=MysubjectName" } | Remove-Item
This approach seems to apply to Powershell 2 only and thus it is outdated.
Remove-Item does not work with certificates because der cert-provider is readonly in powershell. Found that information here
$store = new-object system.security.cryptography.x509certificates.x509Store 'My','CurrentUser'
$store.Open('ReadWrite')
$certs = @(dir cert:\currentuser\my | ? { $_.Subject -like '*MyTestServer*' })
foreach ($cert in $certs) {$store.Remove($cert)}
$store.close() 
I found the solution here in the comments. So it is untested.
Found this article because remove-item wasn't working.
This is not exactly 'true' powershell, but I use this method:
certutil -delstore my "5314bdfa0255be36e53e749d033"
You can get thumbprint via cert:\LocalMachine\my or through certutil. In my case, I have multiple certs with exact same name, so I like above method more because it gives me a specific target when I delete a cert.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With