Microsoft has issued a warning for expired Windows certificates, explaining that users should leave them on the device because they are required for its operation (backward compatibility).
Additionally, Microsoft explains that the deletion of such a certificate could break the operation, making the system impossible to boot.
This usually applies to older versions of Windows as the Windows 10 are not on the list of operating systems where certificates could cause problems.
“Ως μέρος μιας διαδικασίας διαχείρισης εμπιστοσύνης δημόσιου κλειδιού (PKI από το public key Infrastructure), ορισμένοι διαχειριστές ενδέχεται να αποφασίσουν να αφαιρέσουν trusted root CERTIFICATES from a Windows-based domain, a Windows-based server, or a Windows-based client. However, the root certificates listed in the Prerequisites section are required for the operating system to function properly. Because removing the following certificates may limit the functionality of the operating system or cause the computer to fail to start, you should not remove them."
The company says that even if a certificate has expired, the operating system uses it for compatibility with older versions, as it checks for files that have been signed before the expiration date.
"Some certificates have expired. However, these certificates are required for backward compatibility. "Even if there is an expired root certificate, anything signed using that certificate before the expiration date requires validation by a root certificate."
More information you can find in the post of Microsoft. However, the above information applies to Windows 7, Windows Vista, Windows XP, and older Windows Server operating systems.