If you ever need to know how to �remove all certificates from with a specific issuer, here's a great way to do it.

## This can be a remote PC name as well
$pc = '.'
$cert_store = 'My'

$store = New-Object system.security.cryptography.X509Certificates.X509Store ("\$pcMy"),'LocalMachine' #LocalMachine could also be LocalUser
## Find all certs that have an Issuer of my old CA
$certs = $store.Certificates | ? {$_.Issuer -eq 'CN=HOST.DOMAIN.COM, DC=DOMAIN, DC=EXT'}
## Remove all the certs it finds
$certs | % {$store.Remove($_)}

Join the Jar Tippers on Patreon

It takes a lot of time to write detailed blog posts like this one. In a single-income family, this blog is one way I depend on to keep the lights on. I'd be eternally grateful if you could become a Patreon patron today!

Become a Patron!