Can I delete expired certificates from the CA Top Secret Security File?

Document ID : KB000016083
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

Deleting expired certificates from the security file.

Question:

Can I delete expired certificates from the CA Top Secret Security File?

Answer:

If certificates are already expired, they are treated as if they don't exist.

If a security call is issued to read the digital certificate, CA Top Secret will pass back a not found condition even though they are on the keyring and on the CA Top Secret Security File.

So, deleting a certificate that have already expired, should not cause any problems.