colombeen

Need help deleting certificates

6 posts in this topic

#1 ·  Posted (edited)

Hi

I've been looking for a way to automatically delete personal certificates on a machine using AutoIt, but so far I haven't really found a solution.

I need to delete certificates with the text "(Signature)" or "(Authentication)". We get a lot of problems on computers where lots of people have inserted their eID card, so I need to be able to automatically delete those certificates.

Anyone of you guys who has any experience with that?

Those certificates can be found in certmgr.msc under personal > certificates, or you can see the same info in IE under the properties > content > certificates.

greetz

colombeen

EDIT: All certificates are from "Citizen CA", if that helps. Also, we can't disable the certificate propagation service because we would have problems with apps that rely on that service being active.

Edited by colombeen



Hi,

Does this help to start?

HERE

Cheers


Old Scriptology

Visual Ping 1.8 - Mass Ping Program with export to txt delimited.

Desktop 2 RGB and YMCK - Pick a color in the desktop and get the RGB and YMCK code.

Desktop 2 RGB - Pick a color in the desktop and get the RGB code.

ShootIT 1.0 - Screen Capture full and partial screen

Remember Remember The Fifth of November.


#3 ·  Posted (edited)

I found that topic already, but the biggest problem with that is when you try to delete a certificate, certutil wants the exact name of the certificate, so I would need to search for all certificates with (authentication) or (signature) in the name and delete those, but that is where I don't know how to do it and I was hoping there would be something in AutoIt to do this easier.

Edited by colombeen


I can't recall any UDF or script for that in AutoIt, so I believe nothing from the box.

Is PowerShell an option?

HERE



I'm checking it out. I'll post back when I know more


#6 ·  Posted (edited)

This is what I've done with the PowerShell part:

# Open the current user's Personal ("My") certificate store for writing
$store = new-object system.security.cryptography.x509certificates.x509Store 'My', 'CurrentUser'
$store.Open('ReadWrite')
# Collect every certificate whose issuer contains "Citizen CA"
$certs = @(dir cert:\currentuser\my | ? { $_.Issuer -match 'Citizen CA' })
# Remove each match from the store, then close it
foreach ($cert in $certs) {$store.Remove($cert)}
$store.close()

Now I just need to find a way to bind this to a button in my AutoIt GUI. Pffff :(

So this is what I have so far:

Run(@ComSpec & ' /c powershell -NoExit -Command "$store = new-object system.security.cryptography.x509certificates.x509Store ''My'', ''CurrentUser''; $store.Open(''ReadWrite''); $certs = @(dir cert:\currentuser\my | ? { $_.Issuer -match ''Citizen CA'' }); foreach ($cert in $certs) {$store.Remove($cert)}; $store.close()"', "", @SW_HIDE)

But I can't read out if there are any errors. Anybody who knows about capturing errors from cmd/powershell output?

Edited by colombeen
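
Added example, not part of the original thread: one way to make the cleanup report failures to whatever launches it, and to match the "(Signature)" / "(Authentication)" subjects from the first post in addition to the "Citizen CA" issuer. The function name `Remove-EidCertificate`, its parameters, and the exit codes 0 and 1 are choices made for this example; it assumes the code is saved as a script file and started with `powershell -File`.

```powershell
# Added example: Remove-EidCertificate and its parameters are hypothetical names.
function Remove-EidCertificate {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [string]   $IssuerText  = 'Citizen CA',
        [string[]] $SubjectTags = @('(Signature)', '(Authentication)')
    )
    $ci    = [StringComparison]::OrdinalIgnoreCase
    $store = New-Object System.Security.Cryptography.X509Certificates.X509Store 'My', 'CurrentUser'
    $store.Open('ReadWrite')
    try {
        # Collect the matches first, then remove them in a second pass.
        $targets = @($store.Certificates | Where-Object {
            $cert = $_
            # Literal, case-insensitive substring tests, so the parentheses in
            # the tags are never interpreted as regex syntax.
            $cert.Issuer.IndexOf($IssuerText, $ci) -ge 0 -and
            @($SubjectTags | Where-Object { $cert.Subject.IndexOf($_, $ci) -ge 0 }).Count -gt 0
        })
        $removed = 0
        foreach ($cert in $targets) {
            # -WhatIf lists what would be deleted without touching the store.
            if ($PSCmdlet.ShouldProcess("$($cert.Subject) [$($cert.Thumbprint)]", 'Remove from CurrentUser\My')) {
                $store.Remove($cert)
                $removed++
            }
        }
        return $removed
    }
    finally {
        $store.Close()   # runs even when Remove() throws
    }
}

# Entry point for a hidden launch: result on stdout, errors on stderr,
# success or failure in the process exit code.
try {
    $count = Remove-EidCertificate -ErrorAction Stop
    [Console]::Out.WriteLine("Removed $count certificate(s)")
    exit 0
}
catch {
    [Console]::Error.WriteLine("Certificate cleanup failed: $($_.Exception.Message)")
    exit 1
}
```

The exit code only reaches the launcher if PowerShell is started without `-NoExit`, since that switch keeps the hidden session open after the commands finish.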
