Delete Untrusted Root CA Certificates

The root certification authority (CA) certificates installed on a server should be from a trusted source. Remove any untrusted cetificates.

To delete untrusted root CA certificates

  1. In Windows 2000, point to Start, and then click Run.

  2. In the Run dialog box, in the Open box, type MMC, and then click OK.

    The Microsoft Management Console (MMC) appears.

  3. In the MMC, on the Console menu, click Add/Remove Snap-in, and then click Add.

  4. In the Add Standalone Snap-in dialog box, click Certificates, and then click Add.

  5. In the Certificates snap-in dialog box, click Computer Account, and then click Next.

  6. In the Select Computer dialog box, enter the name of the computer for the snap-in to manage.

  7. Click Finish, click Close, and then click OK.

  8. Expand the Certificates node.

  9. Expand Trusted Root Certification Authorities.

  10. Click Certificates.

    The details pane appears, showing all of the root CA certificates that are currently trusted.

  11. Delete the root CA certificates that you do not trust.

Did you find this information useful? Please send your suggestions and comments about the documentation to