I'm trying to delete a certificate from the Root store using WinCrypt API functions like this :
HANDLE hStoreHandle = INVALID_HANDLE_VALUE;
PCCERT_CONTEXT pCertContext = NULL;
char * pszStoreName = "ROOT";
char pszNameString[256];
//hStoreHandle = CertOpenSystemStoreA(NULL, pszStoreName);
hStoreHandle = CertOpenStore(CERT_STORE_PROV_SYSTEM,
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
0,
CERT_SYSTEM_STORE_CURRENT_USER,
(LPVOID) L"Root");
if(hStoreHandle == INVALID_HANDLE_VALUE)
//Fail
while(pCertContext = CertEnumCertificatesInStore(hStoreHandle, pCertContext))
{
if(CertGetNameStringA(
pCertContext,
CERT_NAME_SIMPLE_DISPLAY_TYPE,
0,
NULL,
pszNameString,
256))
{
if(strcmp(pszNameString, "DummyCertificate") == 0)
{
if(!CertDeleteCertificateFromStore(
CertDuplicateCertificateContext(pCertContext))
)
{
//Fail
}
}
}
else
{
//Fail
}
}
This happens in a function that is called when my application, a Windows Service , is registered with MyService.exe /Service
. So, in theory, it should have all the necessary access it needs to delete a certificate. However, when the CertDeleteCertificateFromStore
function is called, a popup window appears that asks the user if he really wants to delete the certificate.
I'm trying to prevent this window from appearing and delete the certificate silently if found. Any suggestions?
I've looked into the command line utilities certutil
and certmgr
. As I understand it from the Internet, certutil
is somewhat limited on client machines and certmgr
doesn't allow deletion of Root cetificates. I would like a programmatic solution but I'm fine with using a tool if it gets the job done.
You can do a hack by auto-answering the dialog through your program. Try finding the button window associated with the dialog in another thread & post message to generate BN_CLICKED event on the "yes" button.
CERT_SYSTEM_STORE_CURRENT_USER->CERT_SYSTEM_STORE_LOCAL_MACHINE
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.