Removing certificates on MS Windows.
- From: Manuel Mollar Villanueva <mm.disclosure@xxxxxxxx>
- Date: Sun, 09 Apr 2006 08:04:40 GMT
Hi,
This applies for all MS Windows versions.
If you have a certificate installed on HD (i.e. using the MS Enhaced
CSP), then, following Microsoft, you can remove it using IExplorer, on
the 'Tools' menu, you click 'Internet Options', then you click the
'Content' tab, and then click Remove. This is a well known action
described in
http://www.microsoft.com/technet/prodtechnol/ie/reskit/6/part2/c06ie6rk.mspx?mfr=true
Doing this, you effectively remove the certificate, but THE PRIVATE KEY
REMAINS IN THE HD.
You can find a lot of scenarios where this can be a problem. Suppose you
go to a friend's home, you install a pkcs12 file containing your
certificate and private key with "Medium" security level (the default),
then you use it, and when you finishes your work, you remove the
certificate (but NO the private key). Then your friend takes your
certificate (is a public document) and installs it, having your private
key working for him.
The program cleancapi deletes the private keys that are not used by any
certificate.
Source code: http://dwnl.nisu.org/dwnl?fic=cleancapi_0_2_src.zip
Precompiled version: http://dwnl.nisu.org/dwnl?fic=cleancapi_0_2_bin.zip
.
- Follow-Ups:
- Re: Removing certificates on MS Windows.
- From: Mitch Gallant
- Re: Removing certificates on MS Windows.
- Prev by Date: Schannel cache
- Next by Date: Re: Removing certificates on MS Windows.
- Previous by thread: Schannel cache
- Next by thread: Re: Removing certificates on MS Windows.
- Index(es):
Relevant Pages
|
