In today’s article, we want to inform you about the current problem that arose after updating the Microsoft Certificate Trust List (CTL) in Windows and Windows Server. It unpleasantly affects users of the 1st CA (ICA.cz), whose server certificates have stopp working. We do not yet know the exact reason, but the method of making the change is non-transparent.
Microsoft Certificate Trust List and its updates
The Microsoft Certificate Trust List is a list of root certificate authorities trust by Windows and Windows Server. These are the points of trust to which SSL certificates issu by the world’s certification authorities are bound. When visiting a website, the browser checks the signature of the certificate issuer, which is an Intermiate certificate. This Intermiate is the issuing authority of your client (End-entity) certificate and is sign by the root certificate of the CA. It is self-sign and the system trusts it. If the signatures between the certificates are verifi, the server’s certificate is genuine and is trust by browsers and other programs running on the system.
In current versions of Windows
the list of root certificates is updat automatically. Microsoft determines which certification authorities philippines phone number data will have their certificates in it and oversees the security of this list. Any modifications to the root certificates can then take place from day to day.
A mysterious update caus problems
We have learn that customers of 1. Certificate Authorities are having a problem with broken server certificates on Windows. The problem has been present since the June 23 CTL silent update. Microsoft disabl the option to use Server Authentication for the root certificate 1. Certificate authorities. This caus Windows and browsers relying on its CTL to not want to use server certificates issu by the 1st CA. You may encounter error messages like NET::ERR_CERT_INVALID, sec_error_unknown_issuer or the security certificate present by this website is not secure .
1.CA – problem in Internet Explorer
Server Plaintextcity in the article June 23, 2015 Microsoft Certificate Trust List Update also mentions the silent update and the mysterious shutdown of Server Authentication at several authorities and complains about the absence of information from Microsoft.
We don’t know why Microsoft decid to update the CTL in June and remove the 1. Certificate my first thoughts on our amazon business for 2024 Authority from the root certificate for the purpose of using Server Authentication. Microsoft stopp publishing changes to Root certificates in December 2012, and silent updates to the transparency of the root authority list are not doing well.
It is also not clear why he decid to take this step in the first place and whether the problem affects all bw lists Windows users. We will continue to search for the cause and supplement the article if necessary.