also delete a cert from the store

Author: DeagleGross

src/BenchmarksApps/TLS/HttpSys/NetSh/NetShWrapper.cs

@@ -48,12 +48,8 @@ public void DeleteBindingIfExists(string ipPort)
 
         public void DeleteBinding(string ipPort)
         {
-            Console.WriteLine("Disabling mTLS for http.sys");
-
             var command = $"http delete sslcert ipport={ipPort}";
             ExecuteNetShCommand(command);
-
-            Console.WriteLine("Disabled http.sys settings for mTLS");
         }
 
         public bool TryGetSslCertBinding(string ipPort, out SslCertBinding result)

src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs

@@ -13,11 +13,12 @@ public static SslCertBinding PreConfigureNetsh(
             NetShFlag enableSessionTicket = NetShFlag.Disabled)
         {
             // we will anyway reconfigure the netsh certificate binding, so we can delete it firstly
-            _netshWrapper.DeleteBindingIfExists(httpsIpPort);
-
+            // and also delete a certificate which is bound to the netsh
             if (_netshWrapper.TryGetSslCertBinding(httpsIpPort, out var sslCertBinding))
             {
-                throw new NetshException($"Binding already exists ({httpsIpPort}). It was unable to be deleted, and run can not proceed without proper configuration. SslCertBinding: " + sslCertBinding);
+                Console.WriteLine($"Deleting certificate (thumbprint='{sslCertBinding.CertificateThumbprint}') from the localmachine(my) store");
+                SslCertificatesConfigurator.RemoveCertificate(sslCertBinding.CertificateThumbprint);
+                _netshWrapper.DeleteBindingIfExists(httpsIpPort);
             }
 
             if (!_netshWrapper.TrySelfSignCertificate(httpsIpPort, certPublicKeyLength, out _certThumbprint))
@@ -47,6 +48,12 @@ public static void ResetNetshConfiguration(
             int certPublicKeyLength = 4096)
         {
             _netshWrapper.DeleteBindingIfExists(httpsIpPort);
+            if (!string.IsNullOrEmpty(_certThumbprint))
+            {
+                Console.WriteLine($"Deleting certificate (thumbprint='{_certThumbprint}') from the localmachine(my) store");
+                SslCertificatesConfigurator.RemoveCertificate(_certThumbprint);
+            }
+
             _netshWrapper.AddCertBinding(
                 httpsIpPort,
                 _certThumbprint,

src/BenchmarksApps/TLS/HttpSys/NetSh/SslCertificatesConfigurator.cs

@@ -0,0 +1,35 @@
+using System.Security.Cryptography.X509Certificates;
+
+namespace HttpSys.NetSh
+{
+    public static class SslCertificatesConfigurator
+    {
+        public static void RemoveCertificate(string thumbprint)
+        {
+            try
+            {
+                using (var store = new X509Store(StoreName.My, StoreLocation.LocalMachine))
+                {
+                    store.Open(OpenFlags.ReadWrite);
+
+                    var certs = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false);
+                    if (certs.Count == 0)
+                    {
+                        Console.WriteLine("Certificate not found.");
+                    }
+
+                    foreach (var cert in certs)
+                    {
+                        store.Remove(cert);
+                        Console.WriteLine($"Deleted certificate (store LocalMachine/My): {cert.Subject}");
+                    }
+                    store.Close();
+                }
+            }
+            catch (Exception ex)
+            {
+                Console.WriteLine($"Remove certificate (thumbprint='{thumbprint}') error: {ex.Message}");
+            }
+        }
+    }
+}