Delete certificate for all users

Amit Chauhan 1 Reputation point
2022-02-04T05:28:36.93+00:00

We need to delete some organization related certificates from client machine. That machine contain 3 users, we need to login as admin and some how get access to all user certificates and delete those certificates.

Currently to delete certificates we need to enter into specific user account and manually delete certificate from Internet Options -> Content tab -> Certificates, which is time consuming.

Hence, I tried using X509Store:

private void RemoveCertificates(string storeName, StoreLocation location)
{
    X509Store store = new X509Store(storeName, location);
    store.Open(OpenFlags.MaxAllowed);
    try
    {
        var filteredCerts = store.Certificates.Find(X509FindType.FindByIssuerName, "fiddler", false);
        if (filteredCerts.Count > 0)
            store.RemoveRange(filteredCerts);
    }
    catch { throw; }
    finally { store.Close(); }

}

But the problem is, we can do this only for logged-in user, but not for all the users

I also tried entering through registry to get all users from Computer\HKEY_USERS and try to loop and get all the system certificates from:
Computer\HKEY_USERS\<user SID>\SOFTWARE\Microsoft\SystemCertificates

using (var hklm = RegistryKey.OpenBaseKey(RegistryHive.Users, RegistryView.Default))
using (RegistryKey systemCertificates = hklm.OpenSubKey(sid + @"\SOFTWARE\Microsoft\SystemCertificates", true))
{
    if (systemCertificates != null)
    {
        foreach (var subKeyName in systemCertificates.GetSubKeyNames())
        {
            ...
        }
    }
}

But I'm not getting all the certificates, is there a way to get all the certificates from all the user while login as Admin?

C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,164 questions
{count} votes