How do I programmatically remove a certificate in Trusted Root Certification Authorities?

Question

I need to be able to remove a specific certificate from each PC in my organization. Yes, I could go seat-to-seat, but I have until Thursday to pull it off, and I don't have the manpower to go seat-to-seat.

Is there a programmatic way of doing this using C#?

Answer 1

I don't think you need to crank out any C# - take a look at certmgr.exe /del.

If you really do want to write some C# today to do this, then take a look at X509Store.Remove.

Answer 2

There's an example in MSDN (click here)

I think the example is self-explanatory, but here's the excerpt:

using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.IO;

public class X509store2
{
    public static void Main (string[] args)
    {
        //Create new X509 store called teststore from the local certificate store.
        X509Store store = new X509Store ("ROOT", StoreLocation.CurrentUser);
        store.Open (OpenFlags.ReadWrite);

        ...

        store.Remove (certificate1);
        store.RemoveRange (collection);

        ...

        //Close the store.
        store.Close ();
    }    
}