I have created my certificates through Winacme with auto-renewal.
Now the problem I have is that over time more and more certificates seem to be added to the Windows Certificate Store. I have no idea which one I should use now and which ones I can delete, because all are configured with an expiration in the future.
When I check out the SAN property they all hold the same domain values, EXCEPT a single one that contains more domains, which is the one with friendly name [Manual]
(which I find a confusing name since I thought I had set auto-renewal to true).
Also, I'm unsure where parts of that friendly name is coming from, I think WinAcme, and if they hold any deeper meaning: [IIS] (any site)
, [Manual]
, [IIS] hw (+3 others)
, what is really weird about that in my opinion is that [IIS] (any site)
contains a list of domainnames in the friendly URL, that are not in the SAN field of that certificate, e.g. ftp.example.com
is listed in friendly name but not in SAN.
What is the logic behind the friendly names and why are so many certificates created?
See the list here: