Recently someone asked a question about how to remove unused certificate stores. GUI and .NET don't provide this functionality (within X509Store class) and you will have to use other things. New Quest AD PKI cmdlets adds some features for certificate stores:
Get-QADLocalCertificateStore -StoreLocation CurrentUser Get-QADLocalCertificateStore -StoreLocation LocalMachine
these commands can be used to explore available certificate containers in CurrentUser and LocalMachine store location. In addition these commands can be used to retrieve certificates from local stores as shown:
Get-QADLocalCertificateStore -StoreLocation LocalMachine -StoreName My | Get-QADCertificate
If your application requires specific certificate store you can easily add new one:
New-QADLocalCertificateStore -StoreLocation CurrentUser -StoreName CustomStoreNameToAdd
If you remove application that used custom certificate store and they aren't removed during uninstallation process you can manually delete them:
Remove-QADLocalCertificateStore -StoreLocation LocalMachine -StoreName CustomStoreToDelete
or equivalent:
Get-QADLocalCertificateStore CustomStoreToDelete LocalMachine | Remove-QADLocalCertificateStore
the only difference between commands is that second command utilizes PowerShell pipeline.
Enjoy the scripting with Windows PowerShell!
Post your comment:
Comments: