Using the -ss
parameter of the Microsoft MakeCert.exe
(-ss indicates the name store of the subject names in which the output certificate is stored), I create my own store on the server. I can delete my certificate programmatically, but I cannot delete the store itself. According to the error message, this is not supported by the provider.
I can’t even use snapin MMC (certmgr.msc) to remove it. Does anyone know how to do this?
PS cert:\LocalMachine> Remove-Item .\SigningStore Remove-Item : L'exécution du fournisseur s'est arrêtée, car le fournisseur ne prend pas en charge cette opération. Au niveau de ligne : 1 Caractère : 12 + Remove-Item <<<< .\SigningStore + CategoryInfo : NotImplemented: (:) [Remove-Item], PSNotSupportedException + FullyQualifiedErrorId : NotSupported,Microsoft.PowerShell.Commands.RemoveItemCommand
The only way I found is to use CertUnregisterSystemStore Win32 API
source share