S
Shannon Jacobs
In http://support.microsoft.com/default.aspx?scid=kb;en-us;293781 there is
the very interesting comment:
"As you may have noticed in the provided information, some of the
certificates have expired. However, these certificates are necessary for
backwards compatibility. Even if there is an expired trusted root
certificate, anything that was signed with that certificate prior to the
expiration date needs that trusted root certificate to be validated. As long
as expired certificates are not revoked, it can be used to validate anything
that was signed prior to its expiration."
Oh! *NOW* you [Microsoft] tell me. Just too bad the information wasn't
provided earlier.
Been wrestling with this problem for several weeks, and though I'm not
certain, I very strongly suspect that what happened is that I deleted a
required security certificate in the foolish belief that the expiration date
had some meaning. Quite trivial to do from IE: Tools menu -> Internet
Options command -> Content tab -> Certificates button -> Trusted Root
Certificates tab. Not certain because it happened a while ago and the
resulting problem is minor, though annoying. Some possibility it may have
been caused by a WindowsUpdate, possibly even one that was pushed onto my
machine by the corporate IT people.
The problem itself is that the computer complains about a new file version
that it can't check. It doesn't reveal what file, and it doesn't actually
say anything about a missing security certificate, but I'm pretty sure
that's what's going on. The SFC fails to run, which is apparently related.
I'm pretty sure that all of the root certificates have been restored, but
either there is a missing certificate somewhere else, or it is some kind of
chain reaction thing.
Anyone else having similar problems? Any suggestions about how to fix it?
Diagnostic steps to identify the missing certificate or even the affected
file?
the very interesting comment:
"As you may have noticed in the provided information, some of the
certificates have expired. However, these certificates are necessary for
backwards compatibility. Even if there is an expired trusted root
certificate, anything that was signed with that certificate prior to the
expiration date needs that trusted root certificate to be validated. As long
as expired certificates are not revoked, it can be used to validate anything
that was signed prior to its expiration."
Oh! *NOW* you [Microsoft] tell me. Just too bad the information wasn't
provided earlier.
Been wrestling with this problem for several weeks, and though I'm not
certain, I very strongly suspect that what happened is that I deleted a
required security certificate in the foolish belief that the expiration date
had some meaning. Quite trivial to do from IE: Tools menu -> Internet
Options command -> Content tab -> Certificates button -> Trusted Root
Certificates tab. Not certain because it happened a while ago and the
resulting problem is minor, though annoying. Some possibility it may have
been caused by a WindowsUpdate, possibly even one that was pushed onto my
machine by the corporate IT people.
The problem itself is that the computer complains about a new file version
that it can't check. It doesn't reveal what file, and it doesn't actually
say anything about a missing security certificate, but I'm pretty sure
that's what's going on. The SFC fails to run, which is apparently related.
I'm pretty sure that all of the root certificates have been restored, but
either there is a missing certificate somewhere else, or it is some kind of
chain reaction thing.
Anyone else having similar problems? Any suggestions about how to fix it?
Diagnostic steps to identify the missing certificate or even the affected
file?