When applying the 1.85 RC upgrade, the prerequisite checker reports that the certificate count in the 'Trusted Root Certificate Authorities' store exceeds 200 and that some certificates should be removed. We have had fallout from this issue with other services following Microsoft's recent root certificate update and worked around it by modifying a registry key on those servers that prevents them from sending the CA list and hitting the byte limit that causes the issue, but no one could offer any advice on exactly how to determine which root certificates should be removed. Does anyone here know? Surely we would create some issues by just selecting a bunch and deleting them, but how can we know which Root CAs are needed and which aren't?