This document provides the script necessary to programmatically purge all certificates from the ITCM certificate store. You may be doing this for a variety of troubleshooting purposes, likely having to do with implementation of custom ITCM certificates for securing agent communication.
Client Automation (ITCM) -- any version.
Create a batch file with the following content:
echo Purge existing certificates by skid...
for /F "tokens=1-2* delims= " %%a in ('cacertutil list -v ^| findstr /I /C:SKID') do call cacertutil remove -skid:"%%c"
echo Purge existing certificates by subject...
for /F "tokens=1-2* delims= " %%a in ('cacertutil list -v ^| findstr /I /C:Subject') do call cacertutil remove -s:"%%c"
This script will run "cacertutil list -v", and individually remove each certificate by SKID or SUBJECT, until the listing is empty.
Note: These commands cannot be copy/pasted directly to the command line. They must be contained within a batch file, and executed, in order for the for loop to process as designed.