Encrypted Email - Should 'Expired Certificates' be backed up?

FYI, my Comodo Digital Certificate has not expired. This is just to question a thought I had.

Imaginary scenario:

  • I have many Encrypted Emails.
  • My Digital Certificate expires (the 2 years is up).
  • I remove and throw away the old Certificate, to install a new Certificate.

Could you confirm that I made a big mistake here?

Should I keep all of my Expired Certificates backed up?

It seems like the obvious thing to do, but I just want to be sure that I’m not missing something.


You should definitely keep a backup of your expired certificate in this case.
It’s needed to decrypt all mails that were encrypted with the public key of this certificate.

When a certificate expires, this means it becomes invalid for signing and encrypting new mails. It doesn’t change anything about the mails that you sent and received while it was valid.

Perfect answer. Thanks Mike.
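
The scenario from this thread, reproduced with the `openssl` command line as an added example (not part of the original posts): mail encrypted to the old certificate cannot be read with the renewed one, but can be read again from a PKCS#12 backup of the old key pair. The throwaway self-signed certificates, file names and password are constructed for the demo and stand in for a CA-issued S/MIME certificate.

```shell
#!/bin/sh
# Constructed demo: everything happens in a temporary directory.
set -eu
work=$(mktemp -d)
cd "$work"

# new_identity NAME SERIAL: create NAME.key and NAME.crt (self-signed, demo only)
new_identity() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -set_serial "$2" \
        -subj "/CN=Demo User/emailAddress=user@example.test" \
        -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# try_decrypt KEY CERT: print the plaintext; non-zero exit if CERT is not a
# recipient of mail.p7m (recipients are matched by issuer and serial number)
try_decrypt() {
    openssl cms -decrypt -in mail.p7m -inform PEM \
        -inkey "$1" -recip "$2" 2>/dev/null
}

# 1. Old certificate in use: a correspondent encrypts a mail to its public key.
new_identity old 1
printf 'quarterly numbers attached\n' > mail.txt
openssl cms -encrypt -binary -aes256 -in mail.txt \
    -out mail.p7m -outform PEM old.crt

# 2. Back up the old private key together with its certificate.
openssl pkcs12 -export -inkey old.key -in old.crt -name "old S/MIME" \
    -passout pass:demo-only -out old-backup.p12

# 3. Renewal: the old key pair is removed and a new one installed.
rm old.key old.crt
new_identity new 2

# 4. The new key pair cannot open the old mail.
if try_decrypt new.key new.crt >/dev/null; then
    new_result=decrypted
else
    new_result=failed
fi

# 5. Restoring the backup makes the old mail readable again.
openssl pkcs12 -in old-backup.p12 -passin pass:demo-only -nodes \
    -out restored.pem 2>/dev/null
restored_text=$(try_decrypt restored.pem restored.pem)

echo "new key pair:   $new_result"
echo "restored backup: $restored_text"
```

In a mail client the equivalent backup is the certificate export to a `.p12`/`.pfx` file with the private key included; the decrypt step only needs the matching private key and does not check the certificate's validity dates.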