Certificates can become obsolete for a number of reasons, such as when they are compromised, become corrupted, or are replaced by a new certificate. However, even when a certificate is deleted, the corresponding private key is not deleted.
Before deleting a certificate, be sure that you will not need it later for purposes such as reading old documents that were encrypted with the certificate's private key.
Users or local Administrators is the minimum group membership required to complete this procedure. Review the details in "Additional considerations" in this topic.
|To delete a certificate|
Open the Certificates snap-in for a user, computer, or service.
In the console tree under the logical store that contains the certificate to delete, click Certificates.
In the details pane, click the certificate that you want to delete. (To select multiple certificates, hold down CTRL and click each certificate.)
On the Action menu, click Delete.
Click Yes if you are sure that you want to permanently delete the certificate.
- User certificates can be managed by the user
or by an administrator. Certificates issued to a computer or
service can only be managed by an administrator or user who has
been given the appropriate permissions.
- To open the Certificates snap-in, see
Certificates Snap-in to an MMC.
- You might want to back up the certificate by
exporting it before you delete it. For the procedure to export a
certificate, see Export a