Expired SSL Certificates
When a web browser encounters an expired certificate, the browser will normally present the user with a warning message indicating that the certificate has expired. Some browsers will continue connecting to the site after presenting the user with the warning, while others will prompt the user with a dialog box requesting their approval to proceed. These warnings are extremely confusing for the typical web user, and cause most users to question the authenticity of the site they are attempting to view. Removing any SSL Certificates that have already expired from ACM is considered a security best practice to ensure an expired certificate is not inadvertently used. Having a a full inventory of your certificates as well as expiration date can help ensure you stay compliant with the NIST & PCI-DSS frameworks.