When the certificate associated with my SAML identity provider metadata is about to expire, I generate a new metadata XML file with a fresh certificate and upload it in Control Panel. I then observe that the list of certificates associated with the identity provider contains both the old and the new certificate.
Is there a way to “clean up” (delete) the old certificate after it expires, or should I not worry about this, since the continued presence of the old certificate does not do any harm?