Revoke certificate from Microsoft PKI

This solution is based on the PowerShell module PSPKI. It can be downloaded here: https://www.powershellgallery.com/packages/PSPKI/3.2.7.0

Open PowerShell and run the following commands:

Import-Module PSPKI
$sCAServer = "<FQDN of your CA Server>"
# Read all issued certificates into a variable. This takes some time.
$issued = Get-CA $sCAServer | Get-IssuedRequest
# Find the certificate you want to revoke. Adjust the query until the result shows only the certificates to remove.
$issued | where {$_.CommonName -like "Computername1"}
# Finally, run the same query again and pipe it to the revoke command
$issued | where {$_.CommonName -like "Computername1"} | Revoke-Certificate -Reason CeaseOfOperation

Here is another way, using a list of certificate IDs:

Import-Module PSPKI
$sCAServer = "<FQDN of your CA Server>"
# Read all issued certificates into a variable. This takes some time.
$issued = Get-CA $sCAServer | Get-IssuedRequest -Property CertificateTemplate,UPN,Request.CommonName
$certids = "2766,16536,16537,16538,2848,2925"

foreach ($certid in $certids.Split(","))
{
    Write-Host $certid
    # Match the request ID exactly against the rows read into $issued above
    # $issued | where {$_.RequestID -eq $certid} | Revoke-Certificate -Reason "hold"
    $issued | where {$_.RequestID -eq $certid} | Revoke-Certificate -Reason "CeaseOfOperation"
}
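
The ID-list loop above revokes nothing, without any error, when an ID matches no row. The following added example (not part of the original post) resolves every ID first, reports IDs without a unique match, and revokes only after an explicit confirmation. Select-RequestsById is a hypothetical helper name; the PSPKI cmdlets and the sample IDs are the ones used above.

```powershell
Import-Module PSPKI

# Hypothetical helper (not a PSPKI cmdlet): map each ID in a comma-separated
# list to exactly one issued-request row and collect IDs that do not resolve.
function Select-RequestsById {
    param(
        [Parameter(Mandatory)] [object[]] $Issued,
        [Parameter(Mandatory)] [string]   $IdList
    )
    $found = @()
    $missing = @()
    foreach ($raw in $IdList.Split(",")) {
        $id = 0
        # Reject anything that is not a plain integer (typos, stray text)
        if (-not [int]::TryParse($raw.Trim(), [ref]$id)) { $missing += $raw; continue }
        # Exact numeric comparison, no wildcard matching
        $hit = @($Issued | Where-Object { [int]$_.RequestID -eq $id })
        if ($hit.Count -eq 1) { $found += $hit[0] } else { $missing += $raw }
    }
    [pscustomobject]@{ Found = $found; Missing = $missing }
}

$sCAServer = "<FQDN of your CA Server>"
$issued    = Get-CA $sCAServer | Get-IssuedRequest
$plan      = Select-RequestsById -Issued $issued -IdList "2766,16536,16537,16538,2848,2925"

# Show what would be revoked before anything is changed on the CA
$plan.Found | Format-Table -AutoSize | Out-Host

if ($plan.Missing.Count -gt 0) {
    # Stop here: a partly resolved list usually means a wrong ID or a wrong CA
    Write-Warning ("No unique match for: " + ($plan.Missing -join ", "))
}
elseif ((Read-Host "Revoke $($plan.Found.Count) certificate(s)? Type YES") -ceq "YES") {
    $plan.Found | Revoke-Certificate -Reason "CeaseOfOperation"
}
else {
    Write-Host "Nothing revoked."
}
```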