JSI Tip 8637. How do I remove unused Windows 2000 Certificate Server key pairs?

To remove unused Windows 2000 Certificate Server key pairs, you would use the Certutil.exe utility, which is available on a Windows 2000 server that has Certificate Services installed:

1. To list the installed keys, open a CMD.EXE window and type:

certutil -key

2. The container names for installed Certification Authorities are listed under Microsoft Base Cryptographic Provider v1.0.

3. To delete an unused container, type:

certutil -delkey <CA_Name>.

NOTE: See How to Use Key and Certificate Backup/Restore Utility.



Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish