The following sample will remove a certificate from MY certificate store of the local machine after locating it by serial number:
# Pass Serial Number of the cert you want to remove
param ($serialNumber = $(throw "Please pass a certificate's serial number to the script"))
# Access MY store of Local Machine profile
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("My","LocalMachine")
# Find the cert we want to delete
$cert = $store.Certificates.Find("FindBySerialNumber",$serialNumber,$FALSE)
if ($cert -ne $null)
# Found the cert. Delete it (need admin permissions to do this)
Write-Host "Certificate with Serial Number" $serialNumber "has been deleted"
# Didn't find the cert. Exit
Write-Host "Certificate with Serial Number" $serialNumber "could not be found"
# We are done
Note: this sample attacks the local machine profile, so by default you will need admin permissions to remove certs from its MY store.
I hope this helps.
Alex (Alejandro Campos Magencio)