Reset 'Friendly Name' certificate property using PowerShell

Question

I need to have a certificate's Friendly Name set to an empty value so in Certificate Console Friendly Name column would display <None> . Using this code all I could get is just empty value in the column, not <None> I need.

 gci "Cert:\LocalMachine\My" | ? {$_.Subject -like "CN=mycer*"} | % { $_.FriendlyName = '' }

I also tried $_.FriendlyName = $null which made no difference.

Strange thing - when I clear Friendly Name using console then from Powershell's perspective the value is '' as the following statement produces True : write-host ($_.FriendlyName -eq '') . However, the '' ' value applied vice a versa doesn't provide the expected result.

Any help is greatly appreciated.

UPDATE and ANSWER: As Kory Gill suggested in comments, certutil.exe is indeed the way to get what I need. Having created an clear.inf file with content below

[Version]
Signature = "$Windows NT$"

[Properties]
11 = 

and executed certutil.exe -repairstore -user my "serial number" clear.inf I managed to reset Friendly Name to <None> value.

Answer 1

As an alternative to the PowerShell cmdlet for managing certificates, which may have issues with some properties, one can use certutil.exe as well to manage certs. This is similar to using robocopy.exe instead of Copy-File. Use the tools that give you the desired results...

This link shows an example of how to use certutil to change the friendly name.

Example usage from that page is:

certutil.exe -repairstore my "{serialnumber}" "change-friendly-name.inf"

where the inf file looks like:

[Version]
Signature = "$Windows NT$"
[Properties]
11 = "{text}new friendly name"

See also certutil reference .