Retired Microsoft Blog disclaimer

This directory is a mirror of retired "Decrypt My World" MSDN blog and is provided as is. All posting authorship and copyrights belong to respective authors.
Original URL:
Post name: How to remove a certificate from a certificate store programmatically (PowerShell)
Original author: Alejandro Campos Magencio
Posting date: 2012-04-27T05:37:23+00:00

Hi all,

The following sample will remove a certificate from MY certificate store of the local machine after locating it by serial number:

# Pass Serial Number of the cert you want to remove
param ($serialNumber = $(throw "Please pass a certificate's serial number to the script"))

# Access MY store of Local Machine profile 
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("My","LocalMachine")

# Find the cert we want to delete
$cert = $store.Certificates.Find("FindBySerialNumber",$serialNumber,$FALSE)[0]

if ($cert -ne $null)
# Found the cert. Delete it (need admin permissions to do this)

Write-Host "Certificate with Serial Number" $serialNumber "has been deleted"
# Didn't find the cert. Exit
Write-Host "Certificate with Serial Number" $serialNumber "could not be found"

# We are done

Note: this sample attacks the local machine profile, so by default you will need admin permissions to remove certs from its MY store.

I hope this helps.


Alex (Alejandro Campos Magencio)

Share this article:


Comments are closed.