Removing self signed certificate from my store

Is there a way to remove/ uninstall a self signed certificate from my store using powershell ?

I tried

Remove-Item cert:\LocalMachine\My\$thumb

it did not work, I got an exception saying "Provider does not support this operation"

I also tried

 certmgr.msc /del /n "MyTestServer" /s MY

it did not work either

How can I uninstall certificate from store ??

Thanks in开发者_运维问答 advance Jeez

This approach seems to apply to Powershell 2 only and thus it is outdated.

Remove-Item does not work with certificates because der cert-provider is readonly in powershell. Found that information here

$store = new-object system.security.cryptography.x509certificates.x509Store 'My','CurrentUser'
$store.Open('ReadWrite')
$certs = @(dir cert:\currentuser\my | ? { $_.Subject -like '*MyTestServer*' })
foreach ($cert in $certs) {$store.Remove($cert)}
$store.close() 

I found the solution here in the comments. So it is untested.

Found this article because remove-item wasn't working.

This is not exactly 'true' powershell, but I use this method:

certutil -delstore my "5314bdfa0255be36e53e749d033"

You can get thumbprint via cert:\LocalMachine\my or through certutil. In my case, I have multiple certs with exact same name, so I like above method more because it gives me a specific target when I delete a cert.

With PS 3.0, if you want to remove by subjectName

Get-ChildItem -Path Cert:\CurrentUser\My | where { $_.subject -eq "CN=MysubjectName" } | Remove-Item

With PS 3.0 there is a more concise and idiomatic approach:

Remove-Item -Path cert:\LocalMachine\My\{Thumbprint} -DeleteKey

See TechNet for all the details.

This will work as well in powershell

To get the thumbpeint dir cert:\localmachine\my

To delete the thumbprint del cert:\localmachine\my\thumbprint

Realise this is an old thread, but since I'm looking at doing the same right now thought I'd post. I'm needing to remove from all cert stores by friendly name.

Realise this isn't the answer for OP but may help someone.

If that is required by anyone this works for me dir cert: -Recurse | Where-Object { $_.FriendlyName -like "*SOMENAME*" } | Remove-Item

You are set on wrong cert store

Use $cert = Get-ChildItem -Path "Cert:\CurrentUser\My\THUMBPRINT" instead of cert:\LocalMachine\My\$thumb you say that the certificates are your. So your certificates are stored in -Path "Cert:\CurrentUser\My\THUMBPRINT" CurrentUser = Your user account, and you don't need to change it to your account name.

br.