Click here to Skip to main content
15,867,594 members
Articles / Programming Languages / C#
Tip/Trick

Programmatically Delete X.509 SSL Cetificates.

Rate me:
Please Sign up or sign in to vote.
5.00/5 (3 votes)
23 Feb 2011CPOL 22.8K   1   2
The solution in this tip will enable you to delete SSL certificates programmatically when you receive the error InvalidOperationException: Found multiple X.509 certificates.
This post is my modified version of two solutions posted on the .NET Framework Developer Forum at: InvalidOperationException: Found multiple X.509 certificates and Getting System.Security.Cryptography.CryptographicException: Access is denied. error on store.Open(OpenFlags.ReadWrite). The credit goes to Madhu Ponduru - MSFT and terryc_ms.

The two posts referred to above helped me to solve an issue that I was having on a computer that had multiple SSL certificates with the name localhost, the location localmachine, and the store trustedpeople. Altogether, there were four certificates. This solution deleted the four offending SSL certificates, and allowed me to create a new one for development purposes.

NOTE: BEFORE PROCEEDING, BE VERY CAREFUL THAT YOU DO NOT DELETE THE WRONG CERTIFICATE.

The code below is a simple C# console application. The three properties that you will need to change to suite your situation are Name, Location, and Store.

MSIL
/*************************************************************************
 * Delete multiple X.509 SSL Certificates.
 ************************************************************************/

using System;
using System.Security.Cryptography;
using System.Security.Permissions;
using System.IO;
using System.Security.Cryptography.X509Certificates;

namespace SslIssuesDebugger
{
    class Program
    {
        static void Main(string[] args)
        {
            try
            {
                X509Store store = new X509Store(
                    StoreName.TrustedPeople, StoreLocation.LocalMachine
                );
                StorePermission sp = 
                    new StorePermission(PermissionState.Unrestricted);
                sp.Flags = StorePermissionFlags.OpenStore;
                sp.Assert();
                store.Open(OpenFlags.ReadWrite | OpenFlags.MaxAllowed);
                X509Certificate2Collection collection =
                    (X509Certificate2Collection)store.Certificates;
                X509Certificate2Collection fcollection =
                    (X509Certificate2Collection)collection.Find(
                        X509FindType.FindBySubjectName, 
                        "localhost", false
                    );
                Console.WriteLine(
                    "Number of certificates: {0}{1}",   
                    fcollection.Count, Environment.NewLine
                );
                foreach (X509Certificate2 x509 in fcollection)
                {
                    byte[] rawdata = x509.RawData;
                    Console.WriteLine(
                        "Friendly Name: {0}{1}", 
                        x509.FriendlyName, Environment.NewLine
                    );
                    Console.WriteLine(
                        "Simple Name: {0}{1}", 
                        x509.GetNameInfo(X509NameType.SimpleName, true), 
                        Environment.NewLine
                    );
                    store.Remove(x509);
                    Console.WriteLine(
                        "X509Certificate2 for localhost 
                        removed."
                    );
                }
                store.Close();
            }
            catch (CryptographicException ex)
            {
                Console.WriteLine(ex);
            }
        }
    }
}

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Software Developer Lucid Research Limited
United Kingdom United Kingdom
I have been programming software since 1999. My qualifications include CIW Associate, SCJP for the Java 1.4 Platform, MCAD using Visual C#, and PRINCE2 Practitioner.

Comments and Discussions

 
Praiseonly code from many that actually works on win 10 ... 5 STARS Pin
daemonna6-Feb-17 3:43
daemonna6-Feb-17 3:43 
GeneralReason for my vote of 5 Good, well done. Pin
Member 43208446-Jan-12 9:06
Member 43208446-Jan-12 9:06 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.