Removing expired Certificate Authority certificates from the trusted certificate list (2024)
Over time some trusted Certificate Authority (CA) certificates will expire and will no longer be trusted by the Symantec Messaging Gateway (SMG). While there is no harm in leaving the expired certificates in the trusted CA certificate bundle some administrators may want to remove the expired certificates from the SMG control center.
Log on to the SMG control center as an administrator and navigate to Administration > Settings > Certificates
Select the Certificate Authority tab
Click the Backup button and save the file
Click the Restore button
Browse to the backup file you just created, select it, and click "Open"
The expired certificates will not be restored, effectively removing them from the CA certificate list. The following message is displayed in the Control Center after a successful import:
"CA Certificates restored successfully. Note that expired certificates are not imported."
Locate and right-click on the certificate you wish to remove. Click on Properties and then in the General tab, click on Disable all purposes for this certificate in the Certificate purposes section. Hit Apply and restart your server to complete the removal process.
Letting it expire is certainly an option, but it's not a wise one. Similarly, you are allowed to revoke your certificate, although that solution should only be employed if you are closing your business or if you have recently suffered a breach that calls for extensive security updates.
CA certificates have a fixed lifetime, or validity period. When a CA certificate expires, all of the certificates issued directly or indirectly by subordinate CAs below it in the CA hierarchy become invalid. You can avoid CA certificate expiration by planning in advance.
Expand the "Services", and then expand "Public Key Services". Select the "AIA" node. In the right-hand pane, locate the "certificateAuthority" object for your Certification Authority. Delete the object.
Go to the Exclusions pane. Find Trusted Certificates section and select the trusted certificates to be removed. Click the Delete button and the Remove Trusted Certificate dialog window will appear. Click Confirm to remove the selected entries.
In the search field please type in “cmd” and press the Enter key. You should see the C:\Windows\system32\cmd.exe dialog box appear (windows box with the black background) like below. In the C:\users\(your username here)>prompt, type in the following: certutil –urlcache * delete and then press the Enter key.
To remove the certificate from the browser, follow these steps:
Open Google Chrome, click the Customize and control Google Chrome icon (the three vertical dots ) > go to Settings > at the left margin, click Privacy and security > click Security.
How to Revoke a Certificate. If a certificate has been compromised or you have another reason to remove it from circulation, right-click on it in the Issued list, go to All Tasks, then choose Revoke Certificate. The interface will ask you for a reason code and a timestamp.
Press Windows Key + R Key together, type certmgr. msc and hit enter. You will get a new window with the list of Certificates installed on your computer. Locate for the certificate you want to delete and then click on Action button then, click on Delete.
Hobby: Web surfing, Skiing, role-playing games, Sketching, Polo, Sewing, Genealogy
Introduction: My name is Maia Crooks Jr, I am a homely, joyous, shiny, successful, hilarious, thoughtful, joyous person who loves writing and wants to share my knowledge and understanding with you.
We notice you're using an ad blocker
Without advertising income, we can't keep making this site awesome for you.