Trying to resurrect an IIS hosted ASP.NET MVC web app where its SSL certificate has expired, and cant seem to find any concise answers to the following questions about certificates under the Trusted Root...->Certificates...
Q1: when a certificate Expiration Date has passed is it no longer usable and might as well be deleted? (reason I ask is I am seeing on (newer) Windows servers multiple Trusted certs with expiration dates going back as far as 1999 ... and posts saying to delete expired ones)
Q2: an expired certificate can't be extended, you always have to create a new one?
Q3: on one server I found has 4 'localhost' certificates, 2 expired, 2 not. How can I determine which certificate each .NET app is trying to use if there are multiple certificates with the same name? Isn't it just simply the name matching the 'SSL URL' project property in VS?
Q4: wouldn't you only have just 1 self-signed 'localhost' certificate to cover all .net web apps, whether .NET framework or .NET Core? Is there a difference? (trying to work out why there are multiple localhost certificates)
Q5: shouldn't the SSL certificates 'Intended Purposes' for web apps be 'Client Authentication', not 'Server Authentication'? (why am I seeing mainly 'Server' ones)
Apologies if any turn out to be dumb questions, I have spent quite a bit of time looking for answers myself, and looking to get a better understanding before going further.