Quantcast
Viewing all articles
Browse latest Browse all 12072

Windows update signing certificate invalid on Windows version prior to 8.1

Hi Everybody,

Hopefully this is the right section for my question.

On a Windows 2008 server, we have a replica WSUS installed. An update is not being installed as the certificate verification fails. When manually downloading this file, I see that the certificate, used to sign the executable is not valid anymore (which is correct, however the signed date is within the valid period).

When I check the file on my Windows 8.1 computer, it does see everything as being valid.
It is invalid on Server 2008 / 2008 R2 / Windows 7
It is valid on Windows 8.1 with and without Internet connectivity.

I tried the following on the WSUS server (which does not have an internet connection):

Install all the CRL's of the certificates in the chain
Install the authroot stl file from Microsoft
Installed the rootsupd.exe from Microsoft

Nothing (other than changing the system date 2 years back) works.
Why is this working on Windows 8.1 and not 2008? What was changed in this particular case? I hope somebody knows, and that it is possible to implement/change this on Windows prior to 8.1

Thanks in advance.



Viewing all articles
Browse latest Browse all 12072

Trending Articles