When do you need to remove a root certificate? And how do you do it? This article will help to answer these two questions. But first, let's understand what a root certificate is.
Imagine there's a chain. The SSL certificate is chained back to what we call a root certificate used by systems such as browsers and computers. They, along with the intermediate certificate, form the chain of trust. So to put it simply, a root certificate also serves as an important part to ensure secure connection.

When You Need to Remove a Root Certificate?

Although you can always wait for the browser or the operating system's next update to remove an expired or a compromised certificate, you can also choose to remove it yourself if you feel necessary. Or you need to remove a root certificate because you have reasons to believe it's installed without your knowledge.

Before you get started, we'd like to warn you: Be very, VERY careful when you remove a root certificate. We suggest that you back up your data first, just in case, and know what you're doing if you are going to do this.

Remove a Root Certificate from Windows

1. First you need to open the Microsoft Management Console by pressing the “Windows” button and typing “MMC” in the search box.
2. Select "File" --> "Add/Remove Snap-In"
3. Select the "Certificates" snap-in and click on "Add"
4. A window will pop up. Choose "Computer account" --> "Next" --> "Local computer" --> "Finish"
5. Now in MMC, you should be able to see an arrow icon beside "Certificates (Local computer)", click on that arrow to reveal the certificate store.
6. Locate the root certificate that you wish to remove, click on the arrow icon beside it, and select the "Certificates" folder.
7. Right-click on the target certificate and choose "Properties".
8. From the "Properties" window, select "Disable all purposes for this certificate" --> "Apply"
9. Restart your computer.

Remove a Root Certificate from MacOS

1. Go to "Finder", click "Go" from the menu and select "Utilities"; Alternatively, you can use the shortcut keys "Shift+Command+U"
2. Double click on "Keychain Access", and you'd be able to see the 4 main keychains on the left
3. Select "System Roots", and then double click on the root certificate that you wish to remove
4. A window displaying the trust settings and details will pop up. Under the "Trust" section, find the "When using this certificate" drop-down menu, and mark it as "Never Trust"

Remove a root certificate on Mozilla Firefox

1. Launch the Firefox browser, click on "Menu" in the top right corner and find "Options"
2. Choose "Privacy and Security", scroll down until you find "Certificates", and click on "View certificates"
3. Click on the "Authorities" tab, locate the root certificate you want to remove, and click on "Delete or Distrust"
4. A resulting dialog box will appear. Make sure that you choose the correct root certificate, and hit "OK", and done!

Remove a Root Certificate from Android Devices

Since smartphones now have become the more popular way of surfing the Internet and shopping online, they also come with root certificates. As a result, there are occasions where you have to remove root certificates manually on your phone. The steps are quite simple too.

1. Tap on the "Settings" icon, swipe down and tap on "Biometrics and security"
2. Swipe down until you find "Other security settings"
3. Tap on "View security certificates" to display a list of system and user certificates
4. Find the certificate you want to remove, and switch the toggle to disable it. 

Note: These steps are done based on Samsung Galaxy phones. If you're using other Android devices, the steps are more or less the same. Look for "security", "trusted credentials" and similar terms in your phone Settings.

Remove a Root Certificate from iOS Devices

1. Tap on the "Settings" icon --> "General" --> "Profiles"
2. From there, choose the profile that contains the root certificate you want to remove
3. Tap "Delete profile" and enter your password
4. Tap "Delete" again to finish the process

If you don't see the profile option, probably because there isn't one installed on your iPhone or iPad now; and check your iOS version as well.
That's it for removing a root certificate. If you have more questions, feel free to leave a message.