OPC UA Certificates - Expired Certificates

I was wondering if leaving expired certificates in the OPC UA store (along side the current/non-expired certificates) will cause me any issues long term?

Some back story:

I have a customer with an Ignition edge (v8) install that we don't have remote access to, they recently had the OPC UA cert expire, I went to site and went through the process of deleting the key store file (via windows explorer) and deleting the certificate from the trust store via the web interface and it all resolved nicely.

I now have to setup a process so that the customer company IT team can do this independently next time the cert expires. Unless I give the user/password for the gateway I can't get them to delete the cert from the trust store.

Powershell script run from java ProcessBuilder, perhaps?

Thanks for the idea, I'll certainly look into what I can do here using powershell to remove expired certificates.

Still interested to hear if there would be any issues leaving expired certificates within Ignition?