Select Language

Translate

We hope you will find the Google translation service helpful, but we don’t promise that Google’s translation will be accurate or complete. You should not rely on Google’s translation. English is the official language of our site.

Products
SSL/TLS Certificates

Basic

Premium

High Assurance

Enterprise EV

Wildcard SSL/TLS

Multi-domain UCC/SAN

Enterprise EV UCC/SAN

Smart SeaL

Overview

Code Signing Certificates

Code Signing

EV Code Signing

Email, Client, and Document Signing Certificates

Basic

Pro

Business

Overview

NAESB Certificates

NAESB Certificate

Content Delivery Network (CDN)

Pro

Business

Enterprise

Which Code Signing Certificate Do I Need?

What is a CDN ?
Solutions

Hosted PKI

World-Class PKI Hosting Infrastructure

Hosted PKI

• World-class PKI hosting infrastructure
• On-line management tools and API
• Significant cost savings over private PKI

Learn More

Custom-Branded Issuing CA

Issue Publicly-Trusted Certificates in your Company's Name

Custom-Branded Issuing CA

• Issue publicly-trusted certificates in your company's name
• On-line management tools and API
• Volume discounts

Learn More

Internet of Things (IoT)

Custom IoT Solutions

Internet of Things (IoT)

• Custom IoT Solutions
• Hosted PKI and branded subordinate CA
• SSL Web Services (SWS) API

Learn More

Government

Protect Personal Data While Providing Essential Services

Government

• Protect personal data while providing essential services
• Trusted and preferred worldwide for SSL/TLS and other X.509 certificates
• On-line management tools and API

Learn More

Energy Industry

North American Energy Standards Board (NAESB) Accredited Certificate Authority

Energy Industry

• North American Energy Standards Board (NAESB) Accredited Certificate Authority
• NAESB client certificates for energy-industry authentication
• On-line management tools and API

Learn More

SSL Manager

Windows Certificate Management Application

SSL Manager

• Order, install, and manage certificates from SSL.com
• Free download
• Works with YubiKey

Learn More

Submit a Ticket

Call: 1-877-SSL-SECURE

Live Chat

Knowledgebase
Company

About SSL.com
Find out more about SSL.com,
A Globally-Trusted Certificate Authority in business since 2002

Blog

Informative updates on SSL.com and PKI

Careers

Looking for a flexible environment that encourages creative thinking and rewards hard work?
We're hiring!

Privacy Policy

• How we collect information about customers
• How we use that information
• Information-sharing policy

Terms Of Service

SSL.com's Terms of Service

CA Repository

• Practices Statement
• Document Repository

Submit a Ticket

Call: 1-877-SSL-SECURE

Live Chat

Knowledgebase
Partners

Overview

Earn revenue by partnering with SSL.com

Overview

• Earn up to 25% commission on referrals
• Reseller and volume purchasing program offers up to 65% wholesale discounts on certificates

Learn More

Referral Link Partners

Hassle-Free Referral link program

Referral Link Partners

• Hassle-Free
• Recurring income
• Commission rates up to 25%
• Free to join

Signup!

Reseller & Volume Purchasing Partners

Wholesale and Reseller Solution

Reseller & Volume Purchasing Partners

• Wholesale Pricing: Discounts up to 65%
• Complete Solution for Certificate Resellers
• Easy API

More Information

Referral Link Program FAQ

Reseller/Volume Purchasing Signup
Support

What is SSL?

SSL in plain English

Play Video

Knowledgebase

• Detailed guides and how-tos
• Frequently Asked Questions (FAQ)
• Articles, videos, and more

Purchase Orders and Quotes

• How to Submit a Purchase Order (PO)
• Request for Quote (RFQ)
• Payment Methods
• PO and RFQ Request Form

Contact Us

• Contact SSL.com sales and support
• Document submittal and validation
• Physical address

Submit a Ticket

Call SSL.com: 1-877-SSL-SECURE

Live Chat

Select Language

Translate

Home » How-Tos » Platform » Windows » Disable a Root Certificate in Windows MMC

Disable a Root Certificate in Windows MMC

Chris Kemmerer
February 24, 2015
Other, Windows
Disable Root Certificate, root certificate, SSL and Digital Certificates, SSL Server Certificate, Windows MMC

SSL.com wants you to be able to manage your own security architecture whenever possible, and thus presents here a method for disabling a root certificate in Windows using Microsoft Management Console (or MMC). Note that you may need to run MMC with Administrator privileges to follow the instructions below.

WARNING! Manually messing about with root certificates is serious juju and can cause serious and unpleasant problems. Remember to always back up your computer before proceeding with any of the steps below. We completely believe your computer should be yours to fix or break – however, SSL.com cannot guarantee the steps given below will not cause other serious problems, and is not liable for any issues that arise from following these instructions.

To Disable a Root Certificate with MMC:

Here’s how to disable a root certificate in Microsoft Management Console.

Open MMC by pressing the Windows key on your keyboard and then typing “MMC”…

…then hit Enter or double-click the icon to start the application.
In MMC, select File > Add/Remove Snap-In (or type control-M).
Add the “Certificates” Snap-In.
Select “Computer Account” and click the Next button…

…then select “Local computer”, then the Finish button.
Click OK to close the Add/Remove Snap-In wizard.
In MMC, click the arrow next to “Certificates (Local Computer)” to reveal the various certificate stores, then click the arrow next to your target certificate, and finally click the “Certificates” folder.

NOTE: In this example, we are disabling a self-signed certificate named “USERTrust RSA Certification Authority” in the root store, but the same steps can be used to disable the Superfish certificate – look for “Superfish” or “VisualDiscovery” in the target certificate.
In the list of certificates, look for your target entry (here, “USERTrust RSA Certification Authority”).
Right-click the target entry and select “Properties” from the dropdown menu.
In the Properties panel, select “Disable all purposes for this certificate”, then click Apply to implement the changes and OK to close the panel.
Now restart your Windows computer to have your changes take effect.

Thank you for choosing SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.

Chris Kemmerer

All Posts

Subscribe to SSL.com’s Newsletter

What is SSL/TLS?

Subscribe to SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com

3rd Party Cookies

This website uses Google Analytics & Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Name	Provider	Purpose	Expiration
Google Analytics	Google	Collect anonymous information such as the number of visitors to the site, and the most popular pages.	365 days
StatCounter Analytics	StatCounter	Collect anonymous information such as the number of visitors to the site, and the most popular pages.	365 days

SSL/TLS Certificates

Code Signing Certificates

Email, Client, and Document Signing Certificates

NAESB Certificates

Content Delivery Network (CDN)

Hosted PKI

Hosted PKI

Custom-Branded Issuing CA

Custom-Branded Issuing CA

Internet of Things (IoT)

Internet of Things (IoT)

Government

Government

Energy Industry

Energy Industry

SSL Manager

SSL Manager

Overview

Overview

Referral Link Partners

Referral Link Partners

Reseller & Volume Purchasing Partners

Reseller & Volume Purchasing Partners

Disable a Root Certificate in Windows MMC

To Disable a Root Certificate with MMC:

Chris Kemmerer

Related How Tos

Subscribe to SSL.com’s Newsletter

What is SSL/TLS?

Subscribe to SSL.com’s Newsletter

certificates

support

programs

company