heinoganda

@FranceBB What an old version! Update for root certificates: New: CN = Certum EC-384 CA OU = Certum Certification Authority O = Asseco Data Systems S.A. C = PL CN = Certum Trusted Root CA OU = Certum Certification Authority O = Asseco Data Systems S.A. C = PL

In order to solve the problem with YouTube in the last working version of Google Chrome (49.0.2623.112) under Windows XP, you need the option to adapt the user agent. In my case using ModHeader and the following entry: Request Headers: USER-AGENT Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36 OPR/36.0.2130.80 (Edition Campaign 67) Remark: So I have the best results on Youtube

Update for root certificates: New: CN = GlobalSign Client Authentication Root E45 O = GlobalSign nv-sa C = BE CN = GlobalSign Client Authentication Root R45 O = GlobalSign nv-sa C = BE CN = GlobalSign Code Signing Root E45 O = GlobalSign nv-sa C = BE CN = GlobalSign Code Signing Root R45 O = GlobalSign nv-sa C = BE CN = GlobalSign Document Signing Root E45 O = GlobalSign nv-sa C = BE CN = GlobalSign Document Signing Root R45 O = GlobalSign nv-sa C = BE CN = GlobalSign Secure Mail Root E45 O = GlobalSign nv-sa C = BE CN = GlobalSign Secure Mail Root R45 O = GlobalSign nv-sa C = BE CN = GlobalSign Timestamping Root R45 O = GlobalSign nv-sa C = BE Those using heinoganda's Cert_Updater.exe should run it ASAP. Others needing a redistributable rootsupd.exe should follow his instructions for creating their own, or PM at 5eraph for an updated EXE file.

The message "Google Chrome 49 and Youtube Troubleshooting" was aimed at the users so that they can still use YouTube without any problems under Windows XP! (by the way Chrome 49 does not work on a P3 !!)

Update for root certificates: Delete: CN = Microsoft ECC Root Certificate Authority 2017 O = Microsoft Corporation L = Redmond S = Washington C = US CN = Microsoft EV ECC Root Certificate Authority 2017 O = Microsoft Corporation L = Redmond S = Washington C = US CN = Microsoft EV RSA Root Certificate Authority 2017 O = Microsoft Corporation L = Redmond S = Washington C = US CN = Microsoft RSA Root Certificate Authority 2017 O = Microsoft Corporation L = Redmond S = Washington C = US Those using heinoganda's Cert_Updater.exe should run it ASAP. Others needing a redistributable rootsupd.exe should follow his instructions for creating their own, or PM at 5eraph for an updated EXE file.

In order to solve the problem with YouTube in the last working version of Google Chrome (49.0.2623.112) under Windows XP, you need the option to adapt the user agent. In my case using ModHeader and the following entry: USER-AGENT Mozilla/5.0 (Windows NT 5.1; rv:51.0) Gecko/20100101 Firefox/51.0 Update: Request Headers: USER-AGENT Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36 OPR/36.0.2130.80 (Edition Campaign 67)

@GrandAdmiralThrawn I am pleased that the Cert Updater works for you. You only need to check whether the functionality of TLS 1.2 works for you under XP Pro x64. https://clienttest.dev.ssllabs.com:8443/ssltest/viewMyClient.html

Unfortunately I have not yet tested it in WX Pro x64, you would have to do that.

Update for root certificates: New: CN = Microsoft ECC Root Certificate Authority 2017 O = Microsoft Corporation C = US CN = Microsoft EV ECC Root Certificate Authority 2017 O = Microsoft Corporation C = US CN = Microsoft EV RSA Root Certificate Authority 2017 O = Microsoft Corporation C = US CN = Microsoft RSA Root Certificate Authority 2017 O = Microsoft Corporation C = US CN = TunTrust Root CA O = Agence Nationale de Certification Electronique C = TN Those using heinoganda's Cert_Updater.exe should run it ASAP. Others needing a redistributable rootsupd.exe should follow his instructions for creating their own, or PM at 5eraph for an updated EXE file.

Current download link for Updater Root Certificates and revoked certificates online!

@All Have new build generated by ProxHTTPSProxy v1.5 (Rev3e), python module cryptography-2.8 with openssl-1.1.1d (Thanks to @Mathwiz), cacert.pem, alternativ cacert.pem from MSCerts (Cert_Updater) 11/12/2019 and various modules updated. If anyone has interest please write a PM to me. @Mathwiz Thank you that you made the effort because openssl v1.1.1d for XP. With the files libcrypto_static.lib and libssl_static.lib (renamed libcrypto.lib and libssl.lib) it worked this time. cryptography 2.8 module with OpenSSL -1.1.1d for Python 3.4.4 on WXP, I have tested so far with the following modules: altgraph==0.16.1 appdirs==1.4.3 asn1crypto==1.2.0 cffi==1.13.2 colorama==0.4.1 cryptography==2.8 future==0.18.2 idna==2.8 macholib==1.11 packaging==19.2 pefile==2019.4.18 pyasn1==0.4.8 pycparser==2.19 PyInstaller==3.4 pyOpenSSL==19.1.0 pyparsing==2.4.5 PySocks==1.7.1 pywin32==221 pywin32-ctypes==0.2.0 six==1.13.0 urllib3==1.25.7 For Installing: Uninstall the older cryptography module beforehand (pip uninstall cryptography), then simply unpack the two directories in the python directory python34\lib\site-packages. Download: here Note: The manually installed cryptography module can be uninstalled the usual way (pip uninstall cryptography)!

Update for root certificates: New: CN = A-Trust-Root-07 OU = A-Trust-Root-07 O = A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH C = AT Those using heinoganda's Cert_Updater.exe should run it ASAP. Others needing a redistributable rootsupd.exe should follow his instructions for creating their own, or PM at 5eraph for an updated EXE file.

Disallowed certificates New: CN = QuoVadis Root CA 3 G3 O = QuoVadis Limited C = BM CN = QuoVadis Root CA 3 G3 O = QuoVadis Limited C = BM CN = QuoVadis Root CA 2 G3 O = QuoVadis Limited C = BM CN = QuoVadis Root CA 2 G3 O = QuoVadis Limited C = BM CN = QuoVadis Root CA 2 G3 O = QuoVadis Limited C = BM CN = QuoVadis Root CA 2 G3 O = QuoVadis Limited C = BM Update for root certificates: New: CN = ePKI Root Certification Authority - G2 O = Chunghwa Telecom Co., Ltd. C = TW CN = TrustFactory Client Root Certificate Authority OU = TrustFactory PKI Operations O = TrustFactory(Pty)Ltd L = Johannesburg S = Gauteng C = ZA CN = TrustFactory SSL Root Certificate Authority OU = TrustFactory PKI Operations O = TrustFactory(Pty)Ltd L = Johannesburg S = Gauteng C = ZA Delete: CN = ePKI Root Certification Authority - G2 O = Chunghwa Telecom Co., Ltd. C = TW Those using heinoganda's Cert_Updater.exe should run it ASAP. Others needing a redistributable rootsupd.exe should follow his instructions for creating their own, or PM at 5eraph for an updated EXE file.

It is located on a country barrier at Zippyshare. Therefore, I have now added an alternative download link via web proxy. https://msfn.org/board/topic/175170-root-certificates-and-revoked-certificates-for-windows-xp/?do=findComment&comment=1110568 Update for root certificates: New: CN = Digidentity Services Root CA O = Digidentity B.V. C = NL CN = HiPKI Root CA - G1 O = Chunghwa Telecom Co., Ltd. C = TW Those using heinoganda's Cert_Updater.exe should run it ASAP. Others needing a redistributable rootsupd.exe should follow his instructions for creating their own, or PM at 5eraph for an updated EXE file.