Can I delete certificates from the CA?

Learn how you can manage Microsoft security certificates and improve Internet Information Services (IIS) security.

Our certification authority has three certificates instead of one and is using them to issue a new certificate for Internet Information Services (IIS). How can I get rid of the two extra certificates and improve IIS security?
You can't really delete security certificates on the CA as much as you can revoke them. Open the Certification Authority MMC snap-in (either on the CA or on a computer that has the CA MMC snap-in installed). In the "Issued Certificates" folder, locate the certificates that are invalid. Right click on each of them individually and select All Tasks > Revoke Certificate from the menu. When prompted, enter the appropriate reason for revoking the certificate and click "Yes." The certificate will be moved from the Issued Certificates to the Revoked Certificates section.

Dig Deeper on Windows OS and management

Virtual Desktop