Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. The user certificate is associated with existing private key when re-imported

The user certificate is associated with existing private key when re-imported

Summary

When the certificate snap-in is used to delete the user certificate in user personal store, only the certificate is deleted, the private key is left on the machine. If later the same certificate is imported to user personal store, it’s by design that CAPI2 *may* be able to find the private key even though there was no explicit key association attached to the cert after it was re-imported.

↑ Back to the top

More Information

If you want to delete the private key, the simple way is to export a copy of the cert, with the private key, and select the option to delete the key if the export is successful. You can also delete the key with "certutil -delkey", but the UI is easier for most people.

↑ Back to the top

Keywords: kb

↑ Back to the top

Article Info
Article ID : 2544808
Revision : 1
Created on : 1/7/2017
Published on : 4/27/2011
Exists online : False
Views : 103