0

I've managed to add a certificate to windows hello for signin to RDP.

See: https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/rdp-sign-in?tabs=intune

However during testing i've generated a few faulty certificates, i would like to clean them up.

If i use certutil -delkey -csp "Microsoft Base Smart Card Crypto Provider" "ID" i get the message that the smartcard is read-only.

How can i clean up the certificates on the virtual smartcard provided by windows hello?

Improve this question

1 Answer 1

Reset to default
1

I ended up using certutil -csp NGC -key to list all credentials stored in windows hello for business. Then I used certutil -csp NGC -delkey <name> to remove the ones that did not have login.windows.net in the name to clean up all other credentials.

This was not a 100% fix for me as intune seemed to have restored some of the old certificates, but at least i can manage the situation now.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.