----- *Vanguard* wrote: ----
Nicholas said i
I have at least 10 Invalid or Expired Certificates in Intermediat
and Trusted Root Certification Authorities .Should I remove the
because they would be renewed when I visited each particular websit
? 1 is a Microsoft Autheticode certificate, another Microsof
timestamp certificate , and another, a Microsoft Root Authorit
Certificate
I forgot which software vendor I asked of this, but when I asked why
needed their expired certificate, I was told that it was required fo
their product to work as part of some authentication scheme. It didn'
matter that the certificate had expired. Their product would look for
specific certificate (they have serial numbers), check it attribute
(but not that it expired), and qualify that their product could the
run. I think it was Symantec that told me this regarding their Norto
Internet Security or Anti-Virus products probably regarding LiveUpdate
I don't see any expired Symantec certs now so maybe their LiveUpdate go
newer ones (it does require a root cert from Symantec before LiveUpdat
will work so maybe the install-time certs had already expired; I'm stil
using the prior NIS2003 version), or it was because I downloaded thei
newest version of LiveUpdate and maybe it includes a newer cert in it
install
That was for expired certs, not for revoked ones. For me, there ar
even a couple expired certs from Microsoft (they show in the Untruste
Certificates category) but I'm a bit leery about them because thei
Friendly Name is "Fraudulent, NOT Microsoft". I suppose it is possibl
the Microsoft knows of a couple illegal certs pretending to be them s
they install them but as expired and with a warning in Friendly Name t
prevent products that use those illegal certs from running or validatin
using them. So if the certificate can be identified by its "Issued To
value, and especially in the descriptions, like Friendly Name, maybe yo
can identify for what product the cert is used
Even if you decide to delete them, first export them (and include th
private key). Then, in case you find something doesn't run because i
cannot find a digital signature for authentication, you can import th
saved cert
--
___________________________________________________________
*** Post replies to newsgroup. Share with others
*** Email: domain = ".com" and append "=NEWS=" to Subject
___________________________________________________________
I remembered being told something similar to what you wrote about compatibility , I think you are right. I updated Symantecs old Live Update 2 apparently and that went well, but had 2004 Antivirus. Seemed odd. By exporting I thought I would get a chance to export it to somewhere in particular but I did not get the opportunity to choose. Where did it go ?Thankyou for your reply