it’s the main way for software to verify the identity of a source. without it you let nefarious actors do something like hijack a DNS server and impersonate your servers to your users, which is a pretty big problem if you’re running a software distribution network! it is literally a breach of trust and massive security vulnerability. and it probably broke a ton of shit when software that uses the certificate found an expired one and suddenly (and correctly) refused to work.