Over 1 million tech questions and answers.

Windows 7 certificate enrollment with Cisco IOS Certificate Authority

Q: Windows 7 certificate enrollment with Cisco IOS Certificate Authority

I have Windows 7 client and Cisco router is configured as Certificate Authority. Cisco calls it IOS CA. How can I do certificate enrollment of Windows 7 client with my Cisco IOS Certificate Authority?

Read other answers
Preferred Solution: Windows 7 certificate enrollment with Cisco IOS Certificate Authority

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)



I am trying to resolve an issue where multiple client computers in the organisation are using an internally deployed Root CA certificate (before my time and no longer required) to sign the end entity certificate for external websites, google.co.uk
for example. All SSL sites appeared to be affected by this.

However this is not the case as sub domains of sites with issues show the correct cert chain, the below is for mail.google.com

Removing or untrusting this root ca cert breaks access to these sites.

I have reset root certs in various ways, removed machines from the domain, applied no GPOs, manually updated CRL and pulled down updated certs with rootsupd.exe.
It always attempts to use this rouge CA cert to sign the websites cert.

Any assistance would be much appreciated.

Read other answers

I am trying to install CA root certificate on Windows 7, IE 9.
Encounter error: "Untrusted Certificate".  "This certificate cannot be verified up to a trusted certificate authority."
I have tried to install the certificate to Trusted Root Certificate Authorities->local computer and import was successful. BUT on IE->Internet Options->Certificate->Trusted Root Certificate Authorities, I am unable to find this root CA on
the list.
On mmc->Certificates->Trusted Root Certificate Authorities->certificates, I am able to view this root CA.
I then restarted the IE and view the ssl site again but failed too, "Untrusted Certificate".
Anyone, any idea ?
Eye Gee

A:Unable to Install Root CA Certificate - Certificate cannot be verified up to a trusted certificate authority.

May the following workarounds work for you:
Workaround 1:
Modify the Windows settings to allow the Update Root Certificate feature to update the root certificates automatically. For details, see the following Microsoft TechNet article:
Certificate Support and Resulting Internet Communication in Windows Server 2008
Workaround 2?
If the Update Root Certificate feature cannot automatically update the root certificates, you may contact the website vender to see if there is a hotfix can fix the issue.

Read other 8 answers

Hi, in the Event Viewer I have been getting an error, Event ID 64. I have followed it up, but when I click on the Certificate to renew it, I get message that Windows cannot renew it. Apparently the Certificate will expire on 2/7. I tried to delete it and I get message that it is needed for encryption. Below is the exact message. Do I have to do anything????

Log Name: Application
Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Date: 22/06/2012 2:43:56 PM
Event ID: 64
Task Category: None
Level: Warning
Keywords: Classic
User: N/A

Certificate for local system with Thumbprint 7e 2f ce f9 7e 33 fb 1a 59 16 f5 0f a5 d3 fc a2 ed 18 21 2f is about to expire or already expired.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<Provider Name="Microsoft-Windows-CertificateServicesClient-AutoEnrollment" Guid="{F0DB7EF8-B6F3-4005-9937-FEB77B9E1B43}" EventSourceName="AutoEnrollment" />
<EventID Qualifiers="32768">64</EventID>
<TimeCreated SystemTime="2012-06-22T04:43:56.000000000Z" />
<Correlation />
... Read more

A:Win7, 64 bit, Windows Certificate Services Client-Auto Enrollment

Have a look at the Resolve section on this page:

Event ID 64

A Guy

Read other 9 answers

I have a successful CA environment working in a Windows 2012 R2-based domain. Recently, some user certificates expired, and when they went to the web page to get a new certificate (https://cert-server/certsrv) using IE 11 on Windows 10 Pro build 1709, they
can go through the pages but the second (https://cert-server/certsrv/certrqus.asp) and third (https://cert-server/certsrv/certrqbi.asp?type=0) pages do not finish loading, no popups asking for permission happen, and when you click 'Submit', you get an error
saying that you can't submit yet because the page hasn't finished loading. (This seems to be a true statement, as evidenced by no list populated if you look at the CSP dropdown box.) This is unique to build 1709. If a user on any lower version of Win 10 Pro
tries the same thing, they succeed in getting their cert.
Has anyone seen this behavior before? It is not a problem with enabling Active Scripting - it is already active. Compatibility mode makes no difference. In our particular environment, web enrollment is the only thing open to us currently. Auto-enrollment
through GPO or other means are not available.
Any help or ideas would be appreciated.

Read other answers


All versions of Windows ship with an ActiveX control known as the
Certificate Enrollment Control, the purpose of which is to allow
web-based certificate enrollments. The control is used to submit PKCS
#10 compliant certificate requests, and upon receiving the requested
certificate, stores it in the user's local certificate store.

The control contains a flaw that could enable a web page, through
an extremely complex process, to invoke the control in a way that
would delete certificates on a user's system. An attacker who
successfully exploited the vulnerability could corrupt trusted root
certificates, EFS encryption certificates, email signing
and any other certificates on the system, thereby preventing the user
from using these features.

An attack could be carried out through either of two scenarios. The
attacker could create a web page the that exploits the vulnerability,
and host it on a web site in order to attack users who visited the
site. The attacker also could send the page as an HTML mail in order
to attack the recipient.

A new version of the control is available that corrects the
vulnerability, and can be installed via the patch. A patch is
available for all other Windows systems, as discussed in the Patch
Availability section below. Internet Explorer 5 or later is a
prerequisite to installing the patch. As discussed in the Caveats
section, customers who operate web sites that use the Certificate
Enrollment Control wil... Read more

A:Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates


Just want you to know you are much better than Microsoft Update Notification.

You run in the background and don't lower my resources and you are always right on time.

keep up the good work....

Mr. Bill should put you on his payroll.

Read other 3 answers

Hi all !

Could somebody please help me out and explain following 4 questions

-> What are the main difference between a a self-sign certification implementation and a PKI?
-> What is the difference in the trust model between X500 certificates and openPGP keys?
-> What is the main difference between file encryption and rights management
-> What are the steps followed within an RM Solution, when a file is protected and authorized user attempts access?

Would be really nice to have a short explanation, not like the one I have myself of a full A4 page

Thanks to all in advance

A:Certificate authority questions

Sorry but we don't do homework so for that reason, together with the fact that you've posted this on at least two other sites, I'm closing this thread.

Read other 1 answers

CNNIC, a certificate authority for the Chinese Government, issued a trusted subordinate (intermediary) certificate to MCS Holdings. This allowed MCS Holding to issue and use a SSL/TLS certificate for any website, but it was expected it would only be used on websites they owned. Instead, it was used internally (and stored in plaintext) to perform a man in the middle attack against all traffic within their company. 

On Friday, March 20th, we became aware of unauthorized digital certificates for several Google domains. The certificates were issued by an intermediate certificate authority apparently held by a company called MCS Holdings. This intermediate certificate was issued by CNNIC. 
CNNIC is included in all major root stores and so the misissued certificates would be trusted by almost all browsers and operating systems. Chrome on Windows, OS X, and Linux, ChromeOS, and Firefox 33 and greater would have rejected these certificates because of public-key pinning, although misissued certificates for other sites likely exist.
We promptly alerted CNNIC and other major browsers about the incident, and we blocked the MCS Holdings certificate in Chrome with a CRLSet push. CNNIC responded on the 22nd to explain that they had contracted with MCS Holdings on the basis that MCS would only issue certificates for domains that they had registered. However, rather than keep the private key in a suitable HSM, MCS installed it in a man-in... Read more

Read other answers

Researcher Exposes Flaws in Certificate Authority Web Applications.

SSL certificate validation process easy "to game," he says

-- Tom

Read other answers


I have enterprise Certificate authority working at Windows Server 2008r2. All today available updates from Microsoft are installed on the server. 

Through the web interface in the browser IE11 is impossible to request user certificate - when you press "submit" button for certificate request, nothing happens.

At another PC with IE9 all works fine - i can submit request and recive certificate from CA

I installed all available updates for Windows and IE11, but its not resolve problem. I tryed to add CA to Trusted Sites, to set IE11 security settings to minimal level - it not helps 

I found article which describes this problem https://support.microsoft.com/en-us/kb/2988411 , but I have all necessary updates are installed on IE11, including those referred to in article.

How to solve this problem? Use console to request the certificate does not offer, i must be able to request it via the web interface

Read other answers

Is there a rvkroots.exe available for download for the mentioned KB so that I can remediate a Nessus finding?
We are on a disconnected network so windows update is disabled in our network.
In the past we are able to just download rvkroots.exe and push it out to all our Win7 computers.

Read other answers

(I'm cross posting this from
https://answers.microsoft.com/en-us/ie/forum/ie11-windows_7/a-certificate-chain-processed-but-terminated-in-a/e6895c7e-c6b9-4a96-a5f5-a4dcd40b7b45 as directed by the forum moderator there.)

First, I have reviewed the other posts with similar questions and noted that I can install the certificate into root certificates and most likely this problem will go away, some specifics:

1) When a client reported this error using a pop.secureserver.net on an outlook 2003 client, I just figured it was godaddy or the REALLY old Outlook client, but nonetheless, I went in to troubleshoot it and was convinced it was godaddy, but when I tried
to start my Outlook 2016 client on my Windows 10 computer on their network, I got the same error.  Two notes are important: 1) I use godaddy as well and 2) I used the same computer at a different client just yesterday without a single error message.
2) They use POP 995 w/ SSL & SMTP 465 w/ SSL to pop.secureserver.net & smtpout.secureserver.net repsectively
3) I called the company that manages their firewall and was told that everything was fine, but was sent a certificate from the firewall that might fix the problem.
4) The firewall company tells me they use a fortinet firewall

I have some questions that I'm hoping one of the experts here can answer for me:

- What in a firewall setup can cause a certificate to fail as listed in the subject?
- Is there a port or configuration change they... Read more

Read other answers

so whats up with this error message ??
Revocation information for the security certificate for this site is not available. Do you want to proceed? [Yes] [No] [View certificate]

i know it can be unchecked in security option under advanced. but is that really safe to do ???


Steven J Einhorn

Read other answers

I have some Windows 7 systems which have not run Windows Updates for many years, and cannot due to regulatory reasons.   We rely upon Windows to automatically update the Trusted Root Certificate store whenever we browse to a web site/web service
that uses a certificate the system doesn't recognize. 
Sometime recently, the Trusted Root Certificate Store no longer updates automatically.  The Windows Event Log shows an error stating that the certificates cannot be downloaded from:
http : // ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
If we browse to this location manually, the cab file contains an invalid Microsoft certificate. 

This was also an issue in Sept 2018.  At that time, the certificate had expired, and Microsoft eventually updated the certificate to resolve the issue.   This time, the certificate does not appear to have expired.  Why is the certificate
invalid this time, and can Microsoft fix it again?


Read other answers


Really confusing one here. Since this weekend (16/17 July) we have started getting Certificate errors on some sites and applications. This seems to be due to the structure of the URL compared to the "advertised" name IIS is presenting. I'll try
to explain.
I have a site, Website. This is in my domain, domain.com. Therefore the FQDN is website.domain.com. IIS is running and I can access this site through FQDN,NetBIOS or IP address. Good news.
I create a certificate for the server using the FQDN as the subject, I add the Netbios and IP addresses in the Subject Alternate Names and Bind this to port 443 on the server.
I browse to https://website and all is good. I browse to https://website.domain.com I get a certificate error. Checking the certificate, everything is fine, no errors, chain is trusted. open Chrome and do the same, I get that the certificate website.domain.com
is being presented by Website and may not be the site I want.
Using either URL has never been a problem until this weekend, but it seems that IE/Windows/IIS is not liking any URL that is not EXACTLY what IIS is presenting. so my questions are:-
Is anyone else finding this?
Can we issue a certificate that covers all possible DNS resolutions for a site?
How do I control WHAT IIS advertises itself as?
SO far this has affected two major systems on our network and I can see that more will arise, so any help would be appreciated.

Read other answers

In Internet Explorer, when I get a certificate error, if I continue to the web site, I can then view the certificate to see what was wrong.  However, obviously it would be preferable* to see the certificate
before I make the decision to go to the site.  Is this possible?  I'm sure I could use another browser that does this, or maybe use the F12 developer tools, or write a program.   But I'm looking
for a normal-user way to do it.  I think it used to be possible in Internet Explorer, but this might have been 6.x or even earlier.  Or even
way earlier.  Yep.  I'm that old.  I believe this feature is not in Edge either...unless I'm just missing it.  But I'm using ie11 right now.
*understatement level is set to "high".

Read other answers


This update addresses the "Certificate Renewal Wizard Concatenates Certificate" issue in Internet Information Services (IIS) 5.0, and is discussed in Microsoft Knowledge Base (KB) Article Q325827. Download now to correct this issue for IIS 5.0

System Requirements
Supported Operating Systems: Windows 2000

Internet Information Services 5.0
Windows 2000 Professional
Windows 2000 Server
Windows 2000 Advanced Server




Read other answers

Can someone walk me through the steps of having Advanced Threat Analytics (ATA) request a new certificate from Active Directory Certificate Services (ADCS)?  I'm not familiar with either product so I will need detailed steps please.  At a high-level
i'm guessing
1. ATA issues a certificate request
2. I send the request to ADCS
3. ADCS issues a cert for that request
4. Install new cert in ATA
I'll need detailed command line statements.  My ATA Center server is named ATASERVER.DOMAIN.ORG, and I but the URL is configured as ATACENTER.DOMAIN.ORG in ATA.  Can the cert handle both the servername and the URL?
Thank you in advance!

Read other answers

Having some fun with a windows 7 setup of DirectAccess, have it configured to use ECC certificates on the client for the IPSec authentication, which was working brilliantly, we even have it loaded up behind a Citrix Netscaler to do SSL offloading of the
HTTPS tunnel encryption. But when trying to get Client Preauthentication working, we hit a snag, it seems that the NetScalers dont support ECC certificates, which is a pain, but something we thought we could work around by using an RSA certificate on the client
to performed the pre-authentication (as shown here https://directaccess.richardhicks.com/2016/05/10/directaccess-ip-https-preauthentication-using-citrix-netscaler/).
So we have three CA's, CA1/2 issue RSA certs and CA3 is setup to do the ECC ones, so nice separation of the chains.
So we have our Cert chain for RSA loaded into the load balancer and a new cert issued to the client from CA1... But, every time the client connects to the server (LB) we see the handshake taking place, the server sends a list of its DNs (CA1/2) (https://blogs.msdn.microsoft.com/kaushal/2015/05/27/client-certificate-authentication/)
to the client, but then the client looks in its store, picks out the ECC certificate (issued from CA3) and fails to authenticate saying no suitable certificate can be found, its like its not even looking at the RSA one at all.
So, thinking something was wrong with the way the LB was asking for client authentication, I tried deleting the ECC cert a... Read more

Read other answers

Good Day

We have a problem where we encrypted files using EFS, however we can't access or decrypt these files now.

We have the certificate in the certmgr.msc but we do see that the key is missing.

I have reproduced this on another computer and was able to run certutil -repairstore -user MY "Serial Number" which worked in repairing the store and files was decryptable again.

However on the machine that encrypted the files that we need to access this is not the case as there is a popup asking for your Smart Card.

We are not using Smart Cards at all, and have had a look at the following article regarding this issue, but the hotfix didn't work: https://support.microsoft.com/en-us/kb/2955631

I have software that can remove the encryption but will require the .pfx file, which can't be exported as the certstore doesn't show that it still has this.

It is a self signed certificate generated by Windows, so I can't request a new one using the CA.

Thanks for your help in advance.

Read other answers

seems that "Microsoft Certificate Trust List Publisher" Certificate Valid:01.27.2017-04.12.2018 is missing following EKU
'Microsoft Trust List Signing' ( ?!
          [ oid]
          [ name] Microsoft Trust List Signing
     [ value] 10
Note: KB2328240 is imho not permanently fixing this problem ! (*curing only some derivated symptoms)

Read other answers

I have a problem with install multiple digital certificate (PKF format) to allow access to one website with different account ID.

Every time I installed the certificate, it is working and allow me access to the website with relevance ID. However, the installed certificate will be missing if I continue to install with another certificate. The way I install the certificate is just double click on the PKF certificate that provided by the website admin, then kept click on the next button until its finish the installation steps. All the certificates will install to "Personal" certificate store folder, but the problem is only one certificate will remain.

I ever try to import all the certificate with using windows certificate manager, is allow me to import all the certificates and able to let me access to the website with select different certificate to login with selected account ID. Anyway this method is only workable if the Internet Explorer is not close after install all the certificates, once the Internet Explorer is close, then all the certificates were gone.

The motioned problem PC is running on Windows XP SP3 with latest update. And the using internet explorer is version 8 with latest update as well.

I had try to reset the Internet Explorer to default, but is not working so, appreciate is anyone can guide me to solve this problem

A:PKF certificate missing after new certificate was installed

Under "Content" in Internet Options, are all your certificates there? Mine are. Either your Admin. or the issuer should have your answer. Some PKFs are not compatible with all OSs or Browsers. Try downloading certificates to Firefox or Chrome and see if that works.

Read other 2 answers

I based my actions amongst others on this source:https://www.adlerweb.info/blog/tag/procurve I am using openssl to create my own CA for my company's switches etc.  and i am having trouble with a number of recent procure switches. I created a root CA (2048 bits rsa, sha1 so as not to make things too difficult)I created a custom TA called "netwerk", uploaded the CA root certificate, so far so good Created a CSR:crypto pki create-csr certificate-name sw1113  ta-profile netwerk usage web subject common-name sw1113 key-size 2048 the rest of the info and extensions like CDP alternative names etc. is being pushed while signing in openssl via an extensions file resulting CSR processed with openssl (keeping it a simple 2048/sha1 leafcertificate) Signed this CSR with the afore mentioned and uploaded root certificate: Resulting PEM pasted to install the generated leaf certificate sw1113(config)# crypto pki install-signed-certificatePaste the certificate here and enter:-----BEGIN CERTIFICATE-----MIIEGjCCAwKgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UEBhMCTkwx.....ASCspazUcVeCueTvvVLr4UPObJB1/IBHKHCwkN7nuaTHuiDD8tQzOlWaxry4MsEFGXojuFv1YtFAtlgLlwxvqndi2NysNyqcnZR1o4l0qe4eSrIlUrCyrvyieK5rdQ==-----END CERTIFICATE-----Certificate being installed is not signed by the TA certificate. So, what is going on? The leaf cert is definitely signed by the root cert that was uploaded as TA cert.    Would really appreciat... Read more

Read other answers

Option "Find Certificate" is missed when I try to edit certificate on another computer using mmc.Could you please let me know how can I solve that? I'm sure I'm admin on the remote machine.

Read other answers

Can someone explain how and where I go to obtain a certificate to digitally sign my Windows Mail emails?

Thank you.

A:Windows Mail Certificate

Hi Bazoni,

See if the following helps: Using digital IDs to sign or encrypt Windows Mail messages.

Here's one example of a free Digital Authority to get the certificate: http://simpleauthority.com/.

For others (many not free), check out: http://www.bing.com/search?q=certifi...WLEM&MKT=en-us.

Good luck!

Read other 2 answers

My SSD bit the dust, and I've lost my EFS encryption keys. There exists nowhere in windows.old a .pfx file to be found. I do have the credentials from


I have a .vhd backup of the old drive, but it wasn't bootable with the new SSD. After two weeks of work, I wound up re-installing windows 7 and moving the old installation to windows.old.

I need to get the encryption keys out of windows.old so I can gain access to my encrypted files again. I have the windows.old directory and access to my old user profile, I have the .vhd file (which had issues booting with Virtual Machine--never got around to using third party apps). I also tried using "cipher /x" from within the recovery environment when I was logging in with the correct credentials, but it was telling me the system could not find the file specified.

How can I gain access to my encryption keys from my windows backup image or from my windows.old folders? Alternately, how do I migrate the .vhd to a new hard drive and actually boot the darn thing (bare metal recovery)? Isn't that the point of a whole disk image--to be able to back up to a new hard drive when the old one dies out?


Read other answers

Hi everyone, installed new modem and router using windows xp but windows continues to display ' validating connection' and does not connect to the internet also it display the message 'cannot find certificate to log into sitecom' any advice???

Read other answers

Hello, I work at a school where we use a filter program called BlueCoat this filter allows us to filter both http and https traffic. In order to accomplish this we are required to create an SSL certificate and install in on all our local machines. Without this certificate on the local machine the user is unable to use any SSL traffic. In Windows 7 and earlier installing the certificate in the Trusted Root Certification Authorities through internet explorer allowed the entire system to use that installed certificate. In Windows 8 installing the certificate this way only installs the certificate for Internet explorer and programs like the Windows Metro Store and Windows Update will not work because they are not seeing the SSL certificate. Is there someway to install the SSL certificate so the entire system can use it? I also tried installing with the certification manager with no luck.

Read other answers

Hi guys. Just bought a secondhand PC without any software on it.
The case does have a certificate of authenticity (WinXP Home) stuck on the side with the product key. Does This mean I now have a valid licence for having Windows XP Home on this newly aquired PC. If so, Is it leagal to borrow my friend's disc and install it with my Product key

Read other answers

I'm trying to set up my email account in the mail app. Incoming and outgoing connections are both IMAP using SSL.

The programme tells me that I need that "To use this account you need to install a digital certificate on this PC. Contact you system administrator"

The email settings work fine with Outlook, Windows Live Mail, Apple Mail etc so why is the Mail app asking for this and more importantly, how do I get it working?

A:Windows 8 mail app and digital certificate

same problem here. even i'm confused. help please!

Read other 9 answers

I use my neighbors wi fi and now when i try to connect i get a bubble off the menu bar that says. ..........WINDOWS IS UNABLE TO FIND A CERTIFICATE TO LOG YOU ON TO THE NETWORK.....also the network list says it is validating identity ...ive been using this network and still am......im doing this from a tablet.................my computer is an acer mini laptop with windows xp............what can I do to fix it ?

A:windows unable to find a certificate

Please review the rules before posting again. You missed or forgot:

WiFi "Piggybacking" / "Wardriving" - We do not support the act of using someone else's Internet without permission. Also, please note that almost every ISP prohibits sharing your Internet connection with another home, and we will not assist you in breaking their rules.Click to expand...

Read other 1 answers

I recently (foolishly) played around with my documents & settings drive trying to move it to another partition. In doing so I've managed to nuke my certificate store, and lost my EFS certificate. Given that I've just moved the whole folder from one partition to another and then changed the registry to suit, the store should still be on my hard drive just in the wrong place. Can anybody help with where the store is located and what registry key points to the location? I'm running a standalone XP Pro box, and by the time I realised my mistake the system restore had been overwritten .


A:Solved: Windows certificate store & EFS

Ok, I won't pretend to be an expert on this, but have you tried using the certificates snap-in in mmc?

I notice that if you right-click "Certificates - Current User" one of the options is "Find Certificates".


Read other 2 answers

Hi. I was using Windows 8.1 installed on my C: drive a few days ago. It got infected with virus so I decided to install Windows 10. I formatted my C: drive and installed Windows 10 on it. Once I opened my Windows and went to E: drive, I recalled that I had encrypted everything using EFS and had forgotten to take a backup of the certificate and now I need to recover it somehow.

Very little space on C: drive has been overwritten. I ran a deep scan to recover files and found about 3M files on it. Is there a way I can find out the certificate file? Any pattern or extension I should be looking for? I've already tried .efx but it gives nothing. Is there any other way to recover the certificate?

Read other answers

I am trying to install a vendor?s 64 bit driver on my system running Windows Embedded Standard 7. I am getting errors that the Windows does not have enough information to verify the driver's certificate. 

The vendor has told me that their drivers are digitally signed and that the issue is that my system is not connected to the internet and therefore does not receive windows updates.
They said that if the Windows Root Certificate Program could connect to the internet my issue would be solved.
My system cannot connect to the internet for security reasons. I was wondering if there is any way to fix this issue without connecting to the internet?

Read other answers

Since upgrading to Windows 10 a few of our computers have been having issues. Sometimes when they are trying to access a specific website that requires them to submit a digital certificate to sign in it causes their whole system to freeze. They are using
IE11, but because the military likes to use old technology I have it set to run in an IE9 emulation.

The One X

Read other answers

I have a Win XP Pro system with multiple users. There are files/folders that I want to start using EFS with.

I am very reluctant to do so because I also want a Recovery Agent Certificate defined so that, if needed, I can user the Administrator account or other designated account as the recovery officer/agent.

My knowledge level is high-beginner/low-intermediate. This means that I've worked some of the tools available in the Win XP Utility box (i.e. Local Security Policy; Computer Management).

What I don't know are the tools required for a non-Networked PC to be able to create MS certificate files (.cer); and then use them when the Recovery Agent is configured in the Local Security > Public Key Policies > Encrypting File System.

If anyone could help, I'd appreciate it. Thank you.

Read other answers

Following numerous failed attempts by McAfee's engineers to install my new virus protection subscription, they told me there was a Windows Certificate error and that I would have to contact my laptop's manufacturers, HP/Compaq.My HP/Compaq warranty ran out in 2016, but having Googled about this problem, I checked in the Certificate Manager section to see whether the certificate had perhaps expired as well ...... but no sign of any certificate at all, despite several years of problem-free McAfee and other installations.My computer is obviously unprotected at the moment and this is worrying.  Has the Certificate disappeared along with the warranty?  Can I reinstate my Certificate?  Ultimately, I need my laptop to allow McAfee to install.Or could the Certificate error be something completely different?Thanks for any help.

Read other answers

I cannot get EMET 5.2 certificate pinning to work in Windows 10.
When I test it by pinning an invalid Root CA certificate to the website, EMET does not block website access in Windows 10 like it does in Windows 8.1
Has EMET certificate pinning been disabled in Windows 10 ? If so, has this functionality been superceded by a better technique ?

I have searched high and low, and this is the only anecdotal reference to this I can find:
"Windows 10 does not use certificate pinning, means someone can easily apply a man-in-the-middle-attack for each Microsoft cloud-access for example"

..... Para Dox

Read other answers

I tried to change my network settings from WPA2 to WEP last night and like an ***** I screwed it up. I only wanted to change it over temporarily so I could access the wireless network with another device that isn't compatible with WPA2. I ended up having to restore the Linksys router to its default settings. I then tried to recreate the settings it had before with WPA2 before I messed it up. It was on WPA2-Personal, AES, and I changed the network SSID and passwords back from default. Very basic. I didn't set the router up myself originally, though, so there must be something I'm missing.

I am able to connect via Ethernet cable, but when I try going wireless (on both Windows laptops, one XP and one Vista) I get a message saying "Windows was unable to find a certificate to log you on to the network [my SSID]". Most of the searches I ran on Google had people suggesting that I uncheck "Enable IEEE 802.1x authentication" in the laptop's wireless Authentication settings, but that is already unchecked.

Besides, shouldn't the fix have to do with something in the router settings since the wireless was working before I mucked around with the router? The laptop settings remain unchanged from the when wireless used to work so they should be okay, right?

I also tried setting the router up using Wi-Fi Protected Setup, but after the bar loads to the end it says it was unable to connect. Anyone have any suggestions? Or need more info that... Read more

Read other answers

Hi! We've had his issue since the beginning of our Windows 10 migration spanning over five or six Windows 10 builds. Some of our web pages requires to select a certificate on our smart cards but the "Choose a digital certificate" popup window has
since the beginning of Windows 10 appeared behind the IE11 window. This is confusing for the users and I suspect it's a bug.
Anyone have any more info on the issue? Currently we're on 1803 and are running the latest patches. 

Read other answers

Hi everyone

Im having some difficulty with a laptop.

It won't update because of error 80072EE2

If I use IE8 and try to go to the windows update site it tells me there is a problem with the security certificate.

I'm guessing this is my problem?

What do you think?

Read other answers

Good day,

I work for a company that uses an ethernet connection and a netgear switch to connect a bunch of trucks together, and then software on the main computer to control all the different trucks and display the data off the trucks, rates, pressures, engine diagnostics etc.

Lately I have had an issue with the software on the main computer locking up. When I checked the event viewer the last couple of times I had a crypt32 error right around the time the software froze. Now I understand why this is happening, because windows is trying to update the root certificates, and I'm not connected to the internet.

The questions I have are:

Do you think it's possible that windows trying to update the root certificates could interfere with the connection between the main computer and the pumps, even for just a split second, to interrupt the software?

And also how would I go about trying to recreate the windows certificate update to see if I can make this issue happen again? Is there a program that runs to update the certificates? I've tried searching the internet and can't find a name or anything. This is the most important part of these questions. Recreating this issue and seeing if it shows up in the event viewer is of the utmost importance to me.

Any help would be greatly appreciated,


Read other answers

I have a Sansa e250 MP3 player, since the return of my repaired computer last week during which they had to reconfigure and reinstall windows, Windows does not recognize the Device Security Certificate!

I have tried down loading and installing the 'Firmware' upgrades, the system recovery tool has been down loaded however the pdf file down load on how to use the tool will not down load.

Can anyone help in how to overcome this problem and acquire the 'Certificate' Windows is looking for?

Read other answers

Dear All

I am using Hp520 notebook with Win Xp. When i trying to connect to Wi-Fi, the message flash "Windows was unable to find a certificate to log you on the network". I want to get rid of the problem.

I tried the following:
In the authenciation Tab, i tried to uncheck "Enable IEEE 802.1x" bt it is already disabled and also the box is disabled.

A:Windows was unable to find a certificate to log you on the network


your wireless router is not setup for certificate security.


That's caused by improperly setting the encryption on the Router to WPA-RADIUS instead of WPA-PSK on the client. The router and the client are both trying to find a RADIUS server with which to authenticate. Since you
don't have one, it complains using Microsoft technobabble. Change the
encryption to WPA-PSK (pre-shared key) on both ends.

Read other 1 answers

Sooooo... Here's the problem
Two computers, a desktop and a laptop, both running Windows 8.1, both have all available updates installed, both are connected to the same home wireless network.
On my laptop, when I access my email in the Windows Mail app, under Settings > Account > Gmail (and Yahoo), it jumps to the bottom of the page under the section for the IMAP settings, where it says: "There's a problem with a server's security certificate." When I click "Details," it says "The certificate isn't from a trusted source. Malicious servers might use fake certificates that cause this error." That's it. No error code. It gives me the option to "Ignore certificate errors," which is "(not recommended)." It seems to be downloading the mail, though, so I'm not sure what's going on.
On my desktop with the same Windows account synced over both machines, same email account information, there is no error.
I've tried to Google this but I haven't turned up anything. Does anybody know what's going on here? Why are two machines with the same IMAP information disagreeing about the server certificate's authenticity? This is for both my Gmail and my Yahoo account, so I would think it must be Windows.
I've restarted the laptop twice to see if it would just go away, but no luck.
Please help!

A:"There's a problem with a server's certificate" Windows 8 Mail

OK - sorry. As soon as I posted this, I went back to Google and read somewhere online that changing your date/time settings can affect the Mail app's certificate verification and I was fiddling with my clock yesterday. There's a "real time" oriented PC game that I play and I was trying to speed it up.    I guess I won't do that any more...  
I removed both accounts and added them back, and the server error is now gone. So, we're good here.

Read other 3 answers

I recently bought two Belkin F5D7320 (v8000, latest firmware) Wireless G routers, and I'm having a very strange problem. I set one up to use WPA-PSK. Using my laptop (running XP Pro SP2), I find the SSID (using the Windows wireless utility), then I double-click on the network. I enter in my WPA key, just like I always would, and it goes through the process of acquiring a network address and all of that, but as it's doing that, I get a bubble alert in the system tray which says "Windows was unable to find a certificate to log you on to the network (SSID)."

The connection seems to still work, though; just I get this message. I have tried a few different laptops, and they get the same message. I have other wireless routers secured with WPA, and I have never gotten that message before using the new Belkin. Out of curiosity, I opened up the second identical Belkin router, applied the same WPA settings, and it seemed to do the exact same thing.

I seriously doubt it's a laptop issue, as I have used the same procedure that I have used countless times to connect to WPA-secured networks, and I have also tried this on a few different laptops, with the same result.

I searched for this message, and people almost immediately suggest that it means either the router or computer are configured to use a Radius server. Well, neither are, as far as I can tell. In fact, here are the settings for my router:

Security Mode: WPA/WPA2-Personal(PSK)
Au... Read more

A:Windows was unable to find a certificate to log you on to the network

Each WiFi adaptor has it's own setup utility, eg my Toshiba can with an
Atheros AR5005gs onboad chip and the OEM installed its own connection wizard.

Lots of people have used the MS wireless wizard, but perhaps you need to try the
OEM version.

Read other 5 answers