You can install certificate into certificate store using Wizard in certmgr.msc (Right click install)? Does anyone knows how to "cleanly" remove all the certificate by either using wizard/Code (pref.) /Script ?

I want to be able to remove everything (that I have installed earlier) from the LocalMachine and/or CurrentUser Store without leaving any residue.

Thanks

You could try the X509Store and releated classes in the .Net Framework to delete a certificate from the certificate store. The following code example deletes a certificate from the current user's My store:

// Use other store locations if your certificate is not in the current user store.
X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadWrite | OpenFlags.IncludeArchived);

// You could also use a more specific find type such as X509FindType.FindByThumbprint
X509Certificate2Collection col = store.Certificates.Find(X509FindType.FindBySubjectName, "yoursubjectname", false);

foreach (var cert in col)
{
  Console.Out.WriteLine(cert.SubjectName.Name);

  // Remove the certificate
  store.Remove(cert);        
}
store.Close();

BEGIN EDIT: Based on the comments in the comment section I've updated my answer with a code sample showing how to remove a certificate and all certificates in the chain:

  X509Certificate2Collection col = store.Certificates.Find(X509FindType.FindBySubjectName, "yoursubjectname", false);

  X509Chain ch = new X509Chain();
  ch.Build(col[0]);
  X509Certificate2Collection allCertsInChain = new X509Certificate2Collection();

  foreach (X509ChainElement el in ch.ChainElements)
  {
    allCertsInChain.Add(el.Certificate);
  }

  store.RemoveRange(allCertsInChain);

END EDIT

Hope, this helps.

Old thread, but I just followed the linked post below using Win 7 and it worked nicely... Uses the Management Console.

1. Start -> Run -> mmc.exe
2. Click File -> "Add/Remove Snap-in"
3. Select Certificates, click Add
4. Select "Computer account", click Next.
5. Select "Local computer", click Finish
6. Click OK, which should bring you back to the MMC
7. In left pane, expand Certificates (Local Computer)
8. Do what you will with the listed certificates...

Source: http://windowssecrets.com/top-story/certificate-cleanup-for-most-personal-computers/

You can try certmgr.exe. The following command removes a certificate with a cn of 'commoncertname ' from the local user personal\certificates store.

.\certmgr.exe -del -n commoncertname -c -s -r currentuser my

You can find more information about certmgr.exe here: http://msdn.microsoft.com/en-us/library/windows/desktop/aa376553%28v=vs.85%29.aspx

UPDATE

Duh! I can't believe I didn't try this! You can remove certificates with the following:

Get-ChildItem Cert:\CurrentUser\My | Where-Object {$_.Subject -eq 'CN=certCN'} | Remove-Item