Answer

Can I delete certificates from the CA?

Learn how you can manage Microsoft security certificates and improve Internet Information Services (IIS) security.

Published: 04 Sep 2007

Our certification authority has three certificates instead of one and is using them to issue a new certificate for Internet Information Services (IIS). How can I get rid of the two extra certificates and improve IIS security?

You can't really delete security certificates on the CA as much as you can revoke them. Open the Certification Authority MMC snap-in (either on the CA or on a computer that has the CA MMC snap-in installed). In the "Issued Certificates" folder, locate the certificates that are invalid. Right click on each of them individually and select All Tasks > Revoke Certificate from the menu. When prompted, enter the appropriate reason for revoking the certificate and click "Yes." The certificate will be moved from the Issued Certificates to the Revoked Certificates section.

Can I delete certificates from the CA?

Learn how you can manage Microsoft security certificates and improve Internet Information Services (IIS) security.

Dig Deeper on Windows OS and management

What is a registration authority (RA)?

What is a certificate revocation list (CRL) and how is it used?

Local Group Policy Editor

Get a grip on your infrastructure with a custom MMC