Vista - Microsoft`s Silent Trusted Root Authority update is Invalid?

jgveill · 09-06-2009

Hi,

I'm still searching ... I set my clock back to April 28th 2009. As expected, no more errors and very fast boot. Then I dowloaded the authroot.stl file with the link we have in the CAPI2 errors.

- I clicked on the file. A window opened with " this certificate trust is not valid. The certificate that signed the list is not valid. ". I did nothing with the file and I'm informed it's not valid. Something must really be wrong with the file.

- I clicked on "View Signature". We see that Signing time is May 1st 2009. We can also see : "this certificate is not valid for the requested usage". It's valid from April 11th 2009 to July 11th 2010.

- I clicked on "view certificate". The information we have here is certainly relevant : " the certificate is not valid for the selected purpose ". We have that message for the second time ! It's like we are trying to do something with the wrong file ! Anyway, I decided to click "install certificate". A wizard opens.

- I clicked next

- As I'm not an expert, I took the default choice (Automatically select the certificate store based on the type of certificate). I Clicked next

- We then see the choices we made. I Clicked "finish".

- Surprise : The import was successfull.

I was not too confident that the problem was solved because I was told I didn't have the right file. Boot without changing the date gave no errors. As soon as I set today's date .. CAPI2 errors were back. Il will find what is the trigger date between April 28th and today, it could be usefull.

As the file was properly imported, we can think it should work.

I would be curious to see someone not having CAPI2 errors doing this exercise (do a system restore point before just in case). Will he have the same information on the fact that it's not the right file ???

Meanwhile, for us having the errors, I can see few options :

1- If the file is the good one, then we have other wrong settings somewhere that corrupt the install or validation process.
2- We have other certificate(s) somewhere that was/were not updated and the update process we are using is not the good one. We are just trying to update the wrong certificate(s). No surpise that we are not successfull ...

By the way, following the certificate update, other errors appeared in the CAPI2 log : 2 additional errors related to Microsoft Certificate Trust List Publisher are coming from rundll.32. Some certificates seemed to be accepted, others are not valid for the required usage.

Other thoughts ?

Thanks Jean

09-06-2009	#41 (permalink)
jgveill vista home premium 32 bits 4 posts	Re: Microsoft`s Silent Trusted Root Authority update is Invalid? Hi, I'm still searching ... I set my clock back to April 28th 2009. As expected, no more errors and very fast boot. Then I dowloaded the authroot.stl file with the link we have in the CAPI2 errors. - I clicked on the file. A window opened with " this certificate trust is not valid. The certificate that signed the list is not valid. ". I did nothing with the file and I'm informed it's not valid. Something must really be wrong with the file. - I clicked on "View Signature". We see that Signing time is May 1st 2009. We can also see : "this certificate is not valid for the requested usage". It's valid from April 11th 2009 to July 11th 2010. - I clicked on "view certificate". The information we have here is certainly relevant : " the certificate is not valid for the selected purpose ". We have that message for the second time ! It's like we are trying to do something with the wrong file ! Anyway, I decided to click "install certificate". A wizard opens. - I clicked next - As I'm not an expert, I took the default choice (Automatically select the certificate store based on the type of certificate). I Clicked next - We then see the choices we made. I Clicked "finish". - Surprise : The import was successfull. I was not too confident that the problem was solved because I was told I didn't have the right file. Boot without changing the date gave no errors. As soon as I set today's date .. CAPI2 errors were back. Il will find what is the trigger date between April 28th and today, it could be usefull. As the file was properly imported, we can think it should work. I would be curious to see someone not having CAPI2 errors doing this exercise (do a system restore point before just in case). Will he have the same information on the fact that it's not the right file ??? Meanwhile, for us having the errors, I can see few options : 1- If the file is the good one, then we have other wrong settings somewhere that corrupt the install or validation process. 2- We have other certificate(s) somewhere that was/were not updated and the update process we are using is not the good one. We are just trying to update the wrong certificate(s). No surpise that we are not successfull ... By the way, following the certificate update, other errors appeared in the CAPI2 log : 2 additional errors related to Microsoft Certificate Trust List Publisher are coming from rundll.32. Some certificates seemed to be accepted, others are not valid for the required usage. Other thoughts ? Thanks Jean
My System Specs

Similar Threads
Thread	Forum
self created root certificate still not trusted	PowerShell
Trusted Root Certification Authorities	Vista networking & sharing
Vista Home Premium edition removing SSL certs from Trusted Root Authorities	General Discussion
Adding certificate to trusted root authority	Vista security