sterdun

Thank you all for enthusiatic responses! My impression is that CCleaner knows where specific applications stash junk. For me, expired certificates fit into that category: why would want to keep them? Situation is worse for corporate proxied network: various misconfigured servers leave junk ceritificates that browser will keep for years. I am not sure of FireFox automatically updates top level certificates. Either way, why would you want to keep old expired ones?

Problem: I recently had to debug a problem where some intranet websites became inaccessible, reporting error 403. The problem was that many of the intranet sites require installing a private certificate in a browser. Once that certificate expires, the site becomes inaccessible (I assume this is conditional to how the site security is configured). It is not an obvious step to check for expired certificates in a broswer: there are no reminders. Proposal: Please consider checking for and removing expired ceritificate in browsers: Firefox + clones, Chrome + clones, other browsers. Make a new option that has to be enabled for this.