Vista Forums - View Single Post - Microsoft`s Silent Trusted Root Authority update is Invalid?

Arden · 06-05-2009

I recently encountered this same error while installing signed installation packages.

I started getting this problem after the certificate "Microsoft Certificate Trust List Publisher" expired on May-27-2009. If I set my system time to May-26-2009 then I do not get the error.

When I extracted authroot.stl from the cab file and installed it (right click->"Install CTL"), the error messages went away. After installation I can see the "Microsoft Certificate Trust List Publisher" certificate in certmgr under "Enterprise Trust"

I did not get this error on my "real" systems, but only on my Virtual Images I test with. My current pet theory is that if a system does not get regular updates, (I keep reverting images back to a saved state for testing) and key Microsoft certificates are not updated before they time out then the automatic certificate update facility will not update the Root List with stl files who’s signatures have invalid trust chains.

I am not sure if this is the same mechanism that caused demx to experience CAPI2 error, clearly it’s not directly related because of the date of the expiration of the certificate.

06-05-2009	#7 (permalink)
Arden Vista Utlimate 32-bit 1 posts	Re: Microsoft`s Silent Trusted Root Authority update is Invalid? I recently encountered this same error while installing signed installation packages. I started getting this problem after the certificate "Microsoft Certificate Trust List Publisher" expired on May-27-2009. If I set my system time to May-26-2009 then I do not get the error. When I extracted authroot.stl from the cab file and installed it (right click->"Install CTL"), the error messages went away. After installation I can see the "Microsoft Certificate Trust List Publisher" certificate in certmgr under "Enterprise Trust" I did not get this error on my "real" systems, but only on my Virtual Images I test with. My current pet theory is that if a system does not get regular updates, (I keep reverting images back to a saved state for testing) and key Microsoft certificates are not updated before they time out then the automatic certificate update facility will not update the Root List with stl files who’s signatures have invalid trust chains. I am not sure if this is the same mechanism that caused demx to experience CAPI2 error, clearly it’s not directly related because of the date of the expiration of the certificate.
My System Specs