On multiple (if not all) virtual machines hosted on our Azure environment there's a certificate named 'Windows Azure CRP Certificate Generator' which is about to expire. There's also another certificate with the exact same name, but with a longer expiration date.
If I understand correctly this certificate is used for Microsoft's services and managing the VM. But since we also use SCOM to monitor these VM's, some monitors are reporting the almost expired certificates.
Is it safe to remove these certificate since there's a newer one already present? Or is there any way we can check if the older certificate is still in use?