Reputation: 72630
How to remove a certificate Store added by makecert
Using the -ss option of Microsoft tool MakeCert.exe (-ss specifies the subject's certificate store name that stores the output certificate), I create my own store on a server. I'am able to remove my certificate programaticaly, but I'am not able to remove the store itself. According to the error message this not seems to be supported by the provider.
I can't even use the MMC snapin (certmgr.msc) to remove it. Does anybody know how to do that ?
PS cert:\LocalMachine> Remove-Item .\SigningStore
Remove-Item : L'exécution du fournisseur s'est arrêtée, car le fournisseur ne prend pas en charge cette opération.
Au niveau de ligne : 1 Caractère : 12
+ Remove-Item <<<< .\SigningStore
+ CategoryInfo : NotImplemented: (:) [Remove-Item], PSNotSupportedException
+ FullyQualifiedErrorId : NotSupported,Microsoft.PowerShell.Commands.RemoveItemCommand
The only way I found was to use CertUnregisterSystemStore Win32 API
Upvotes: 11
Views: 14027
Answers (4)
Reputation: 13106
I accidentally created a store called Personal and wanted to get rid of it (of course). Two personal stores to look for ughhh. Anyways, I added a certificate that I had created to that store, copied the thumbprint (and removed the spaces) and then searched the registry for the thumbprint. I discovered I could make them go away by deleting the key (in my case Personal) at [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Personal] (if in the local machine) or at [HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Personal] is in current user. I knew that it wasn't the other one called Personal because the real personal store is actually stored as My.
EDIT: I had to remove a few other keys to solve this but basically search carefully and examine each entry that matches what you are trying to get rid of. For each match, export to a reg file and then delete and test.
This post was a bit helpful as well: http://banachowski.com/deprogramming/2011/01/deleting-unwanted-certificate-stores-from-windows/
Upvotes: 11
Reputation: 77
Use a PowerShell cmdlet:
Remove-Item -Path cert:\LocalMachine\StoreYouWantToDelete
Upvotes: 6
Reputation: 60918
Read this and add-type with c# code with pinvoke (already done!) of crypt32.dll
Upvotes: 5
Reputation: 43499
Did you try the certificate manager tool? http://msdn.microsoft.com/en-us/library/e78byta0%28VS.80%29.aspx (see certmgr.exe /del )
Upvotes: 0
Related Questions
- Remove Expired Certificates with Powershell
- Delete certificate from Computer Store
- Removing self signed certificate from my store
- Removing a certificate from the local machine certificate store in powershell?
- Disable a certificate in the Root using PowerShell
- How to delete a cert mapping entry?
- deleting certs from the "other people" certificate store
- Powershell - Deleting certificate from Store
- How to remove certificate from Store cleanly
- Delete a self signed certificate created using makecert