PKI Tutorials - Herong's Tutorial Examples - v2.20, by Dr. Herong Yang
Deleting Certificates from IE
This section provides a tutorial example on how to delete a certificate from IE. Deleted certificate can be re-installed back from a certificate file.
As you can see from the previous tutorial, the list of trusted root CA certificates in IE is quite long. It contains many root CA certificates you are probably never going to use them. If you want to, you can delete root CA certificates that are not needed from IE.
Here is what I did on IE to delete the "VeriSign Class 3 Public Primary Certification Authority - G5" certificate, which is actually needed to validate the login.yahoo.com certificate. Let's delete it and see what will happen if we visit https://login.yahoo.com again.
1. Run IE as administrator and click the "Tools" > "Internet Options" menu. The Internet Options dialog box shows up.
2. Click the "Content" tab and the "Certificates" button. The Certificates dialog box shows up.
3. Click the "Trusted Root Certification Authorities" tab. A list of trusted root CA certificates currently installed in IE is listed.
4. Select "VeriSign Class 3 Public Primary Certification Authority - G5" in the list, and click the "Remove" button. A warning message box shows up:
5. Read the warning message and click "Yes":
Deleting system root certificate might prevent some Windows components from working properly. ... If Update Root Certificates is installed, any deleted third-party root certificates will be restored automatically, but the system root certificates will not. Do you want to delete the selected certificate(s)?
6. Close IE.
The "VeriSign Class 3 Public Primary Certification Authority - G5" certificate is deleted from IE now.
Table of Contents