CertDeleteCertificateFromStore

The CertDeleteCertificateFromStore function deletes the specified certificate context from the certificate store.

#include <wincrypt.h>
BOOL WINAPI CertDeleteCertificateFromStore(
  PCCERT_CONTEXT pCertContext         // in
);
 

Parameters

pCertContext
Pointer to the certificate context.

Return Values

TRUE if the function succeeded. FALSE if the function failed.

Call GetLastError to see the reason for any failures. This function has the following error codes:

Error code        Description
E_ACCESSDENIED    Indicates the store was opened read only and a delete operation is not allowed.

Remarks

All subsequent gets or finds for the certificate will fail. However, memory allocated for the certificate is not freed until all duplicated contexts have also been freed.

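The pCertContext is always freed by this function via CertFreeCertificateContext, even for an error. The caller must therefore not use or free pCertContext after the call; if the context is still needed, duplicate it with CertDuplicateCertificateContext before calling this function.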

Example

// handle_error() is a function defined in a separate file.
#include <stdio.h>
#include <windows.h>
#include <wincrypt.h>

void handle_error(char *s);     // Prototype assumed; the function is defined elsewhere.

int main(void)
{
    HCERTSTORE      hStoreHandle;
    PCCERT_CONTEXT  pCertContext;
    PCCERT_CONTEXT  pDupCertContext;

    // Open a certificate store and get the PCCERT_CONTEXT of a certificate context.
    if((hStoreHandle = CertOpenStore(
        CERT_STORE_PROV_SYSTEM, 0, NULL, CERT_SYSTEM_STORE_CURRENT_USER,
        L"MY")) != NULL)
        printf("The MY store is open. Continue.\n");
    else
        handle_error("The My store did not open.");

    // Find the first certificate in the system store.
    if((pCertContext = CertEnumCertificatesInStore(
        hStoreHandle, NULL)) != NULL)
        printf("A certificate has been retrieved. Continue.\n");
    else
        handle_error("No certificate retrieved. The store may be empty.");

    // CertDeleteCertificateFromStore always frees pCertContext, so duplicate
    // the context first to keep a valid reference for the re-add below.
    pDupCertContext = CertDuplicateCertificateContext(pCertContext);

    // Delete the certificate.
    if(CertDeleteCertificateFromStore(
        pCertContext   // The certificate context to be deleted.
        ))
        printf("The certificate has been deleted. Continue. \n");
    else
        // The delete failed. Exit to the error handler.
        handle_error("The deletion of the certificate failed.");
    pCertContext = NULL;   // Freed by the delete call; do not use it again.

    // To show that the certificate has been deleted,
    // the duplicated context is re-added to the certificate store.
    if(CertAddCertificateContextToStore(
        hStoreHandle, pDupCertContext, CERT_STORE_ADD_NEW, NULL))
        // The context was added showing it was not there
        printf("Context added. The delete functioned correctly. \n");
    else
        // The context could not be added. The cert had not been
        // deleted; therefore, the cert to be added was a duplicate.
        printf("The cert could not be added. It is a duplicate. \n");

    // Release the duplicated context and close the store.
    CertFreeCertificateContext(pDupCertContext);
    CertCloseStore(hStoreHandle, 0);
    printf("The program ran to completion successfully. \n");
    return 0;
}
 

QuickInfo

  Windows NT: Requires version 4.0 SP3 or later. Available also in IE 3.02 and later.
  Windows: Requires Windows 95 OSR2 or later.
  Windows CE: Unsupported.
  Header: Declared in wincrypt.h.
  Import Library: Use crypt32.lib.

See Also

CertDeleteCRLFromStore