deleting certs from the “other people” certificate store

与世无争的帅哥 提交于 2021-02-07 10:28:59

问题


I have been doing some research to see if there is a way to script this functionality and I cant seem to find where these certs are actually stored. I see the other articles on "deleting certificates from store", but I think these are causing me more confusion.

If I run a search like get-childitem -path cert:\CurrentUser, I don't see the Other People location. But, I am able to see the location in certmgr.msc. I have also checked the reg locations outlined here: https://technet.microsoft.com/en-us/library/cc783813(WS.10).aspx and can't seem to find the location either.

So, I guess my question is as follows:

  1. Can a script be built to go into this location and do a full clean-up?
  2. Where are these certs actually installed on the local system?

Thank you, and I apologize if this seems a little erratic. This has been making my head spin for almost two hours. Thanks.


回答1:


What you are looking for is the AddressBook directory of the CurrentUser store. Do a gci Cert:\CurrentUser\AddressBook and I bet you see the exact same certificates as you do in the 'Other People' section of certmgr.msc. If you do not want to keep any of those certificates deleting them all is as simple as:

Get-ChildItem Cert:\CurrentUser\AddressBook | Remove-Item

They will all be deleted if you do that, so please do so with caution. Just want to get rid of expired certificates? Add a where statement like this:

Get-ChildItem Cert:\CurrentUser\AddressBook | Where{$_.NotAfter -lt [datetime]::Now} | Remove-Item

That one would only remove expired certificates.

Anyway, you want Cert:\CurrentUser\AddressBook.



来源:https://stackoverflow.com/questions/34802019/deleting-certs-from-the-other-people-certificate-store

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!