Hi,
To whoever reads the above article:
DO NOT remove key containers with the names below (from here: https://forums.iis.net/t/1224708.aspx?C+ProgramData+Microsoft+Crypto+RSA+MachineKeys+is+filling+my+disk+space):
- Microsoft Internet Information Server -> c2319c42033a5ca7f44e731bfd3fa2b5 ...
- NetFrameworkConfigurationKey -> d6d986f09a1ee04e24c949879fdb506c ...
- iisWasKey -> 76944fb33636aeddb9590521c2e8815a ...
- WMSvc Certificate Key Container -> bedbf0b4da5f8061b6444baedf4c00b1 ...
- iisConfigurationKey -> 6de9cb26d2b98c01ec4e9e8b34824aa2 ...
- MS IIS DCOM Server -> 7a436fe806e483969f48a894af2fe9a1 ...
- TSSecKeySet1 -> f686aace6942fb7f7ceb231212eef4a4 ...
I suggest doing the cleanup in the following steps:
1) Report container (file) names for all certs with private keys
2) Amend the pre-defined exclusion list of key container names (see above) with the current machine GUID
3) Use the resulting file list to mark exclusions as read-only
4) Based on the current date and the absence of the read-only attribute, select key files with a LastAccessTime older than 90 days
5) Report on the selected files into xlsx (name, date of creation, etc.)
6) Archive the selected files to a separate folder
7) Remove the "system" attribute from each selected file and delete it from C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
Cheers,
Greg
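
Steps 1, 2 and 4 of the list above as a dry-run report, written as an added example that is not part of Greg's post: it only reads, and changes no attributes or files. The `_<MachineGuid>` file-name suffix, the registry location of the GUID and the variable names are assumptions of this sketch; run it elevated in Windows PowerShell 5.1 or later.

```powershell
# Added example: dry-run only, nothing is modified or deleted.
$keyDir = 'C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys'
$cutoff = (Get-Date).AddDays(-90)   # step 4 threshold from the post

# Step 2: container prefixes listed in the post, completed with this machine's GUID
# (assumption: key files are named <prefix>_<MachineGuid>).
$machineGuid = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Cryptography').MachineGuid
$wellKnown = @(
    'c2319c42033a5ca7f44e731bfd3fa2b5'   # Microsoft Internet Information Server
    'd6d986f09a1ee04e24c949879fdb506c'   # NetFrameworkConfigurationKey
    '76944fb33636aeddb9590521c2e8815a'   # iisWasKey
    'bedbf0b4da5f8061b6444baedf4c00b1'   # WMSvc Certificate Key Container
    '6de9cb26d2b98c01ec4e9e8b34824aa2'   # iisConfigurationKey
    '7a436fe806e483969f48a894af2fe9a1'   # MS IIS DCOM Server
    'f686aace6942fb7f7ceb231212eef4a4'   # TSSecKeySet1
)
$exclude = [System.Collections.Generic.HashSet[string]]::new([StringComparer]::OrdinalIgnoreCase)
foreach ($p in $wellKnown) { [void]$exclude.Add("${p}_$machineGuid") }

# Step 1: add the key file name of every machine certificate that has a private key.
$certs = Get-ChildItem Cert:\LocalMachine -Recurse | Where-Object {
    $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] -and $_.HasPrivateKey
}
foreach ($cert in $certs) {
    try {
        $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
        if ($rsa -is [System.Security.Cryptography.RSACryptoServiceProvider]) {
            [void]$exclude.Add($rsa.CspKeyContainerInfo.UniqueKeyContainerName)   # CAPI key
        } elseif ($rsa -is [System.Security.Cryptography.RSACng]) {
            [void]$exclude.Add($rsa.Key.UniqueName)                               # CNG key
        }
    } catch {
        # An unreadable key must be investigated by hand, never treated as unused.
        Write-Warning "Key for $($cert.Thumbprint) not readable: $($_.Exception.Message)"
    }
}

# Step 4: candidates = not excluded, not read-only, last accessed before the cutoff.
Get-ChildItem -LiteralPath $keyDir -File -Force |
    Where-Object { -not $exclude.Contains($_.Name) -and -not $_.IsReadOnly -and $_.LastAccessTime -lt $cutoff } |
    Sort-Object LastAccessTime |
    Select-Object Name, Length, CreationTime, LastAccessTime, Attributes
```

LastAccessTime is only meaningful if NTFS last-access updates are enabled on the volume (`fsutil behavior query disablelastaccess`), so check that before trusting the 90-day filter.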