views:

1040

answers:

2

I need to be able to remove a specific certificate from each PC in my organization. Yes, I could go seat-to-seat, but I have until Thursday to pull it off, and I don't have the manpower to go seat-to-seat.

Is there a programmatic way of doing this using C#?

+1  A: 

I don't think you need to crank out any C# - take a look at certmgr.exe /del.

If you really do want to write some C# today to do this, then take a look at X509Store.Remove.

Martin Carpenter
I'm looking at those pages. Unfortunately, they don't tell me how to access (if at all) "trusted Root Certification Authorities". I can't see how to get to that store.
Jerry
The Trusted Root Certification Authorities store is just called "root". Or are you saying you having a "permission denied" problem?
Martin Carpenter
Nope.. I didn't know it was called ROOT. That solved everything. It's the little details that kill you.
Jerry
A: 

There's an example in MSDN (click here)

I think the example is self-explanatory, but here's the excerpt:

using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.IO;

public class X509store2
{
 public static void Main (string[] args)
 {
  //Create new X509 store called teststore from the local certificate store.
  X509Store store = new X509Store ("teststore", StoreLocation.CurrentUser);
  store.Open (OpenFlags.ReadWrite);

  ...

  store.Remove (certificate1);
  store.RemoveRange (collection);

  ...

  //Close the store.
  store.Close ();
 }    
}
galets