Removing self signed certificate from my store

Question

Is there a way to remove/ uninstall a self signed certificate from my store using powershell ?

I tried

Remove-Item cert:\LocalMachine\My\$thumb

it did not work, I got an exception saying "Provider does not support this operation"

I also tried

 certmgr.msc /del /n "MyTestServer" /s MY

it did not work either

How can I uninstall certificate from store ??

Thanks in advance Jeez

Answer 1

With PS 3.0 there is a more concise and idiomatic approach:

Remove-Item -Path cert:\LocalMachine\My\{Thumbprint} -DeleteKey

See TechNet for all the details.

Answer 2

With PS 3.0, if you want to remove by subjectName

Get-ChildItem -Path Cert:\CurrentUser\My | where { $_.subject -eq "CN=MysubjectName" } | Remove-Item

Answer 3

This approach seems to apply to Powershell 2 only and thus it is outdated.

Remove-Item does not work with certificates because der cert-provider is readonly in powershell. Found that information here

$store = new-object system.security.cryptography.x509certificates.x509Store 'My','CurrentUser'
$store.Open('ReadWrite')
$certs = @(dir cert:\currentuser\my | ? { $_.Subject -like '*MyTestServer*' })
foreach ($cert in $certs) {$store.Remove($cert)}
$store.close() 

I found the solution here in the comments. So it is untested.

Answer 4

Found this article because remove-item wasn't working.

This is not exactly 'true' powershell, but I use this method:

certutil -delstore my "5314bdfa0255be36e53e749d033"

You can get thumbprint via cert:\LocalMachine\my or through certutil. In my case, I have multiple certs with exact same name, so I like above method more because it gives me a specific target when I delete a cert.