I have an issue with expired Trusted Server CAs certificates on a MAG-4610 cluster (ver 8.2R4.1). If I login to the admin web frontend and go to "System > Configuration > Certificates > Certificates Validity Check" and "Check Now" I get a list of expired (or expired in the near future) certificates. The certificates are listed as "Trusted Server CA". Here are two examples
Certificates Certificate Type Expiry Date
CA Disig Trusted Server CA Tue 2016-03-22 01:39:34 GMT Juur-SK Trusted Server CA Fri 2016-08-26 14:23:01 GMT
If I navigate to "... Certificates > Trusted Server CAs" and click on "Show only expired CAs" the expired certificates are NOT displayed. Under the "Search" menu I can type "name parts" of the expired certificates but there they are also not displayed the expired certificates. What is the right way to delete these expired certificates (the expired certificate are really existing in the store, I see they if I export the certificate configuration to a XML file)?
The certificates are in the base configuration. The deletion removes them from being processed and from display (or is supposed to); however, they are present in case the system needs to be restored to defaults for some reason. For the deletion, you are making the correct action by choosing the certificate and then delete. This should be fixed in 8.2R5.1; do you have a test system you can confirm? Unfortunately, it is also possible that you have found something we haven't come across yet.
a MAG as test machine - sorry, but I don't have this. I tried it on the DTE version (8.2R4.1) and I can reproduce the same error. After an upgrade to the 8.2R5.0 --> 8.2R5.1 it looks like the error is removed. I hope I see this behavior if I upgrade the productive MAG devices later.