Updating root certificates

13-Jun-2016 01:42 by 9 Comments

Updating root certificates - Cam chat over 40

Install the certificates from the SST file with the following command: Run and make sure that all certificates have been added to the Trusted Root Certification Authority.

updating root certificates-61updating root certificates-59

The utility was distributed as a separate update KB931125 (Update for Root Certificates). However, as you can see, these files were created on April, 4, 2013 (almost a year before the end of official support of Windows XP).

Thus, since then the utility has not been updated and cannot be used to install up-to-date certificates. As you can see, a familiar Certificate Management snap-in opens, from which you can export any of the certificates you have got.

To generate an SST file, run this command with the administrator privileges on a computer running Windows 10 and having a direct access to the Internet: As a result, an SST file containing up-to-date list of certificates will appear in the target directory. In my case, there have been 358 items in the list of certificates.

Certificate Authority Wo Sign experienced multiple control failures in their certificate issuance processes for the Wo Sign CA Free SSL Certificate G2 intermediate CA.

Although no Wo Sign root is in the list of Apple trusted roots, this intermediate CA used cross-signed certificate relationships with Start Com and Comodo to establish trust on Apple products.

We are taking further actions to protect users in an upcoming security update.

Apple products will block certificates from Wo Sign and Start Com root CAs if the "Not Before" date is on or after GMT/UTC.In light of these findings, we took action to protect users in a security update.Apple products no longer trust the Wo Sign CA Free SSL Certificate G2 intermediate CA.You can install this file in the system using the context menu of the STL file (Install CTL).Or using certutil: After you have run the command, a new section Certificate Trust List appears in Trusted Root Certification Authorities container of the Certificate Manager console (certmgr.msc).In the same way, you can download and install the list of the revoked certificates that have been removed from Root Certificate Program.