
I have created the encryption certificate using the PowerShell script below in the dev environment. Now I need to create a deployment document to configure the encryption on the staging environment.

$cert = New-SelfSignedCertificate -Subject "AlwaysEncryptedCert" -CertStoreLocation Cert:LocalMachine\My -KeyExportPolicy Exportable -Type DocumentEncryptionCert -KeyUsage KeyEncipherment -KeySpec KeyExchange -KeyLength 2048

I need to keep the rollback PowerShell scripts to remove the certificate from the local machine. What is the correct way of removing the certificate using PowerShell scripts? Can anyone guide me on this?

1 Answer


It is just Remove-Item to remove the certificate, and then include -DeleteKey to also drop the private key.

Based on your command it should be something like this as you have to pass in the thumbprint of the certificate to the remove command, so we need to look it up first:

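# -WhatIf is a dry run; drop it to delete, and add -DeleteKey to remove the private key too.
# New-SelfSignedCertificate stores the subject with a "CN=" prefix.
Get-ChildItem -Path Cert:\LocalMachine\My -Recurse -DocumentEncryptionCert |
    Where-Object Subject -eq 'CN=AlwaysEncryptedCert' | Remove-Item -WhatIf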
  • I will check this and confirm with you. I also found a script to delete the certificate. Commented Jul 19, 2018 at 1:01
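
A rollback helper built on the lookup-then-remove approach from the answer above, as an added example that is not part of the original question or answer. The function name `Remove-AlwaysEncryptedCert`, its parameters and the optional PFX backup step are assumptions made for illustration.

```powershell
# Added example: rollback helper for the certificate created in the question.
# Function name, parameters and backup step are hypothetical, not from the post.
function Remove-AlwaysEncryptedCert {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param(
        # New-SelfSignedCertificate prefixes "CN=" when -Subject has no "=".
        [string]$Subject = 'CN=AlwaysEncryptedCert',
        [string]$StorePath = 'Cert:\LocalMachine\My',
        # Optional: pin the exact certificate recorded at deployment time.
        [string]$Thumbprint,
        # Optional: write a password-protected PFX backup before deleting.
        [string]$BackupPath,
        [securestring]$BackupPassword
    )

    $found = @(Get-ChildItem -Path $StorePath |
        Where-Object { $_.Subject -eq $Subject -and
                       (-not $Thumbprint -or $_.Thumbprint -eq $Thumbprint) })

    if ($found.Count -eq 0) {
        Write-Warning "No certificate with subject '$Subject' in $StorePath."
        return
    }
    if ($found.Count -gt 1) {
        # Several certificates share the subject: refuse to guess which one to drop.
        $found | Format-Table Thumbprint, NotAfter, HasPrivateKey | Out-String | Write-Warning
        throw 'Multiple matches. Re-run with -Thumbprint.'
    }

    $cert = $found[0]
    if ($BackupPath) {
        if (-not $BackupPassword) { throw '-BackupPassword is required with -BackupPath.' }
        Export-PfxCertificate -Cert $cert -FilePath $BackupPath -Password $BackupPassword | Out-Null
    }

    $target = "$StorePath\$($cert.Thumbprint)"
    if ($PSCmdlet.ShouldProcess($target, 'Remove certificate and private key')) {
        Remove-Item -Path $target -DeleteKey
        if (Test-Path -Path $target) { throw "Certificate $($cert.Thumbprint) is still present." }
        Write-Output "Removed $($cert.Thumbprint) from $StorePath."
    }
}

# Dry run first; repeat without -WhatIf from an elevated session to delete.
Remove-AlwaysEncryptedCert -WhatIf
```

If the certificate protects an Always Encrypted column master key that is still in use, data encrypted under it cannot be decrypted once the private key is deleted, so keep the PFX backup until the rollback is confirmed.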
