![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 82%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBA%3C/text%3E%3C/svg%3E)
20,223 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello
Thank you for posting in Q&A forum.
Where do you see the expired certificate? CA Properties as below:
If so, for the root CA certificate, delete the old CA certificate from the Certification Authorities tab
1.Start pkiview.msc
2.Right-click Enterprise PKI, and then click Manage AD Containers
3.Click the Certification Authorities tab
4.Select the old root CA certificate and then delete it.
Then you can check if the expired certificate is removed or not.
If it is not the case I mentioned above, do you mean the expired certificate in MMC (by opening certlm.msc) you want to delete? If so, you can right click it and select "Delete".
I hope the information above is helpful.
If you have any questions or concerns, please feel free to let us know.
Best Regards,
Daisy Zhou
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.