Check #1 - Misplaced certificates in Trusted Root CA
Check #2 - Duplicates in Trusted Root CA
Check #3 - More than 100 certificates in Trusted Root CA
Check #4 - Root CA certificates in Personal Store
Check #5 - Duplicated Friendly Name
Check #6 - Misplaced Root CA certificates in Intermediate
CA store (Suggested in the comments)
Get-Childitem cert:\LocalMachine\root -Recurse |
Where-Object {$_.Issuer -ne $_.Subject} | Select Issuer, Subject, Thumbprint |
fl
Get-Childitem cert:\LocalMachine\root | Group-Object
-Property Thumbprint | Where-Object {$_.Count -gt 1} | Select-Object
-ExpandProperty Group | Select FriendlyName, Issuer, Subject, Thumbprint | fl
Get-Childitem cert:\LocalMachine\root | Measure
Get-Childitem cert:\LocalMachine\my -Recurse |
Where-Object {$_.Issuer -eq $_.Subject} | Select FriendlyName, Issuer, Subject,
Thumbprint | fl
Get-Childitem cert:\LocalMachine\my | Group-Object
-Property FriendlyName | Where-Object {$_.Count -gt 1} | Select-Object
-ExpandProperty Group | Select FriendlyName, Issuer, Subject, Thumbprint | fl
Get-ChildItem Cert:\localmachine\CA | Where-Object
{$_.Issuer -eq $_.Subject} | Select Issuer, Subject, Thumbprint | fl
