IS&T recommends deleting expired certificates for the following reasons:
- In Internet Explorer on Windows, it is difficult to tell which certificate is unexpired and which is expired.
- In Safari 3.x on Mac OS X, an expired MIT personal certificate may interfere with accessing MIT certificate-protected websites, even if you have an unexpired certificate.
- In Firefox - on all platforms - unexpired and expired personal certificates can coexist.
Warning: If you send or receive email which has been signed or encrypted with your personal certificate (S/MIME), you must keep that certificate on your system even after it expires, in order to validate and read your email.
Delete certificates from your browser
Alternatively, for Mac OS X 10.7 and later, download and run CertAid 2.x to manage the entire certificate setup and deletion procedure. The procedure includes installing the MIT CA, your personal certificate, deleting old certificates if you so choose, and setting the correct identity preferences via a single, graphical application.