4

I need to be able to remove a specific certificate from each PC in my organization. Yes, I could go seat-to-seat, but I have until Thursday to pull it off, and I don't have the manpower to go seat-to-seat.

Is there a programmatic way of doing this using C#?

Jerry
  • 4,507
  • 9
  • 50
  • 79

2 Answers2

3

I don't think you need to crank out any C# - take a look at certmgr.exe /del.

If you really do want to write some C# today to do this, then take a look at X509Store.Remove.

Martin Carpenter
  • 5,893
  • 1
  • 28
  • 32
  • I'm looking at those pages. Unfortunately, they don't tell me how to access (if at all) "trusted Root Certification Authorities". I can't see how to get to that store. – Jerry Mar 16 '09 at 22:21
  • The Trusted Root Certification Authorities store is just called "root". Or are you saying you having a "permission denied" problem? – Martin Carpenter Mar 16 '09 at 22:33
  • Nope.. I didn't know it was called ROOT. That solved everything. It's the little details that kill you. – Jerry Mar 16 '09 at 22:40
3

There's an example in MSDN (click here)

I think the example is self-explanatory, but here's the excerpt:

using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.IO;

public class X509store2
{
    public static void Main (string[] args)
    {
        //Create new X509 store called teststore from the local certificate store.
        X509Store store = new X509Store ("ROOT", StoreLocation.CurrentUser);
        store.Open (OpenFlags.ReadWrite);

        ...

        store.Remove (certificate1);
        store.RemoveRange (collection);

        ...

        //Close the store.
        store.Close ();
    }    
}
Daniel Fisher lennybacon
  • 3,865
  • 1
  • 30
  • 38
galets
  • 17,802
  • 19
  • 72
  • 101