We are in a disconnected domain and have just implemented updated root certificates via group policy. I have found now though, that there are a number of duplicated root certificates in the users store (and many more for mine as i've taken my laptop online once and a while).
I'm looking for a powershell script to go through the root certificate store and delete any duplicates in there.
I've got this so far:
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("Root","LocalMachine")
$store.Open("ReadWrite")
$rootcerts = Get-Childitem 'cert:\LocalMachine\root' -Recurse
$ht = @{}
$rootcerts | foreach {$ht["$_"] += 1}
$duplicates = $ht.keys | where {$ht["$_"] -gt 1}
but then how to delete the duplicates has lost me.