Deleting Root CA Certificates from Google Chrome

PKI Tutorials - Herong's Tutorial Examples

∟Deleting Root CA Certificates from Google Chrome

This section provides a tutorial example on how to delete a certificate from Google Chrome. Deleted certificate can be re-installed back from a certificate file.

As you can see from the previous tutorial, the list of trusted root CA certificates in Chrome is quite long. It contains many root CA certificates you are probably never going to use them. If you want to, you can delete root CA certificates that are not needed from Google Chrome.

Here is what I did on Google Chrome to delete the "DigiCert High Assurance EV Root CA" certificate. If I need this root CA certificate later, I can import it back from the certificate file I saved in the previous tutorial.

1. Click "Start > All programs > Google Chrome".

2. Right-mouse click "Google Chrome", then select "Run as administrator" to start Chrome. Running Chrome as administrator gives you the permission to remove root certificate.

3. Go to the "Settings" after click the menu icon on top right corner. You see the settings page showing up.

4. Click the "Show advanced settings..." link at the bottom.

5. Click the "Manage certificates..." button in the HTTPS/SSL section. You see Certificates manager showing up.

6. Go to the "Trusted Root Certificate Authorities" tab and select "DigiCert High Assurance EV Root CA".

7. Click the "Action > Delete" button, A warning message box shows up:

Delete Root Certificate - Google Chrome — Deleting Root Certificate in Google Chrome

8. Read the warning message and click "Yes":

Deleting system root certificate might prevent some Windows components
from working properly. ... If Update Root Certificates is installed,
any deleted third-party root certificates will be restored
automatically, but the system root certificates will not. Do you want
to delete the selected certificate(s)?