Link to home
Start Free TrialLog in
Avatar of jbla9028
jbla9028Flag for United States of America

asked on

Delete a Certificate VIA powershell based on Certificate Template name.

I need to search for a Certificate issued by a CA template, then delete the cert from the store with powershell. I have looked online and found a couple solutions to query for the certificate template but nothing seems to work for me. anyone have a solution?

Certificate template name is 'XXX Client Computer 2048 Bit-CNG'


Needs to be be able to run on all windows 7/10 workstations with adding any additional 3rd party modules.

Thank you in advance!
ASKER CERTIFIED SOLUTION
Avatar of Aard Vark
Aard Vark
Flag of Australia image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image
on the CA revoke the certificate as the certificate template is not stored anywhere in the certificate.
Avatar of jbla9028
jbla9028
Flag of United States of America image

ASKER

@Learnctx  I went to run the script and it comes back with blank data. the certificate is still there :(
Avatar of jbla9028
jbla9028
Flag of United States of America image

ASKER

Thanks for the help. I ended up using this script from a fellow coworker. This was a bit challenging to get out of the OID field. This requires powershell v3 or greater.

$certs = get-childitem Cert:\LocalMachine\My | where{$_.Extensions.oid.friendlyname -like "Certificate Template Information"}

foreach($cert in $certs){
    if($(($cert.extensions | where{$_.oid.friendlyname -like "Certificate Template Information"}).format(0) -replace "Template=" -replace "\(.*") -like "XXX Computer 2048 Bit-CNG"){
        get-childitem Cert:\LocalMachine\my | where{$_.Subject -eq "$($cert.subject)"} | remove-item -Force -confirm:$false
    }
    }