jbla9028
asked on
Delete a Certificate via PowerShell based on Certificate Template name.
I need to search for a certificate issued by a CA template, then delete the cert from the store with PowerShell. I have looked online and found a couple of solutions to query for the certificate template, but nothing seems to work for me. Anyone have a solution?
Certificate template name is 'XXX Client Computer 2048 Bit-CNG'
Needs to be able to run on all Windows 7/10 workstations with adding any additional 3rd party modules.
Thank you in advance!
On the CA, revoke the certificate, as the certificate template is not stored anywhere in the certificate.
ASKER
@Learnctx I went to run the script and it comes back with blank data. The certificate is still there :(
ASKER
Thanks for the help. I ended up using this script from a fellow coworker. This was a bit challenging to get out of the OID field. This requires PowerShell v3 or greater.
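# Collect certificates that carry the "Certificate Template Information" extension
$certs = get-childitem Cert:\LocalMachine\My | where{$_.Extensions.oid.friendlyname -like "Certificate Template Information"}
foreach($cert in $certs){
    # format(0) returns "Template=<name>(<OID>), ..."; strip the prefix and everything from "(" onward
    if($(($cert.extensions | where{$_.oid.friendlyname -like "Certificate Template Information"}).format(0) -replace "Template=" -replace "\(.*") -like "XXX Computer 2048 Bit-CNG"){
        # Removes every certificate in the store whose Subject equals this certificate's Subject
        get-childitem Cert:\LocalMachine\my | where{$_.Subject -eq "$($cert.subject)"} | remove-item -Force -confirm:$false
    }
}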
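A variant of the approach in this thread, as an added example that is not code from any of the posters: it matches the template extensions by OID value instead of friendly name (friendly names follow the display language), also reads the older "Certificate Template Name" extension, and deletes by exact certificate rather than by Subject. The function names are hypothetical, and it assumes the English `Template=<name>(<OID>)` rendering that the script above also relies on.

```powershell
# Added example; Get-CertTemplateName and Remove-CertByTemplate are hypothetical names.
$TemplateV2Oid = '1.3.6.1.4.1.311.21.7'   # "Certificate Template Information"
$TemplateV1Oid = '1.3.6.1.4.1.311.20.2'   # "Certificate Template Name"

function Get-CertTemplateName {
    param([Parameter(Mandatory=$true)]
          [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate)
    foreach ($ext in $Certificate.Extensions) {
        $text = $ext.Format($false)
        if ($ext.Oid.Value -eq $TemplateV2Oid) {
            # Assumed English rendering: "Template=<name>(<OID>), Major Version Number=..."
            # If Windows cannot resolve the name, only the template OID is printed here.
            if ($text -match '^Template=(.+?)(?:\(|,|$)') { return $Matches[1].Trim() }
        }
        elseif ($ext.Oid.Value -eq $TemplateV1Oid) {
            return $text.Trim()
        }
    }
    return $null   # certificate carries no template extension
}

function Remove-CertByTemplate {
    [CmdletBinding(SupportsShouldProcess=$true, ConfirmImpact='High')]
    param([Parameter(Mandatory=$true)][string]$TemplateName,
          [string]$StorePath = 'Cert:\LocalMachine\My')
    foreach ($cert in Get-ChildItem -Path $StorePath) {
        if ((Get-CertTemplateName -Certificate $cert) -ne $TemplateName) { continue }
        $target = "$($cert.Subject) [$($cert.Thumbprint)]"
        if ($PSCmdlet.ShouldProcess($target, 'Remove certificate')) {
            # PSPath identifies this one certificate, so others sharing the
            # Subject are untouched. The private key stays on disk unless
            # -DeleteKey is added (certificate provider, PowerShell 4.0+).
            Remove-Item -LiteralPath $cert.PSPath -Confirm:$false
            $cert | Select-Object Thumbprint, Subject, NotAfter   # record of what was removed
        }
    }
}

# Dry run: lists what would be removed without touching the store
Remove-CertByTemplate -TemplateName 'XXX Client Computer 2048 Bit-CNG' -WhatIf
# Unattended removal once the dry run looks right:
# Remove-CertByTemplate -TemplateName 'XXX Client Computer 2048 Bit-CNG' -Confirm:$false
```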