Hello, I'm working on a 2003R2 server's certificate store. In the store "trusted root CA" I noted a lot of certificates of (commercial) CAs which are expired and thus not valid. Am I correct in assuming that these certificates are not needed any more and can be deleted? I vaguely remember having read that in principle I could clear the entire "trusted root" store and it will be filled back in on demand, as soon as anyone tries to access this certificate. Is this mechanism already present in 2003R2?Regards, AngusMac

Thank you.Regards, AngusMac