Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


heinoganda

Root Certificates and Revoked Certificates for Windows XP

Recommended Posts

Hello all,

as announced I have released a new CAupdater - and here is how it works.

Download via CAupdater, password is

wU8moSRS1S9vfYc

Installation is easy, only extract the 7z file (and see under "/docs").

The benefit is the enhanced error handling.

CAupdater will install only NEW MS CAstore (sst) files (always together with files not updated but still actual), regardless if incorrect OLDER files offered on MS servers.

CAupdater use the update procedure as offered from MS regardless the version previous installed via WU / MU.
Only WGET is used additionally to download the MS CAstore (sst) files, there are no other third party tools for the update of the CAstore.
CAupdater himself only manage and launch the update.
You can find the full AutoHotkey (AHK) code with comments of CAupdater.exe in the subdirectory "docs", see the file CaUpdater.ahk.txt.

This are the steps CAupdater make.
Every step, even every single MS CAstore (sst) file install, has a error routine and give a feedback about any error.

1. WGET looks for newer MS CAstore (sst) files on MS server and download them local only if they are newer as local stored.

2. Then compare the actual local stored MS CAstore (sst) file dates with the last installation (the file dates of the previous update are stored in the CAupdate INI file).

3. Then ask for confirmation to update the local client CAstore if one ore more local stored MS CAstore (sst) files are new.

4. If "YES" install ALL local stored MS CAstore (sst) files (ALL - this is the same as the MS CAstore update do).
   If "NO" CAupdater do nothing - and finish.
   The five commands to install the MS CAstore (sst) files are:

    updroots.exe authroots.sst
    updroots.exe -d delroots.sst
    updroots.exe -l roots.sst
    updroots.exe updroots.sst
    updroots.exe -l -u disallowedcert.sst

5. At last show the status (or errors if some), safe new installed MS CAstore (sst) file dates in CAupdater INI file and finish.
   If errors occure, only the date and status of the update try is stored in the INI file, so you can look for the problem and try again.

With this steps only NEW MS CAstore (sst) files will be installed (always together with files not updated but still actual), regardless if incorrect OLDER files offered on MS servers.

When you run CAupdater the first time there are no file dates in CAupdater INI file present.
So ALL MS CAstore (sst) files marked as NEW in the confirmation dialog.
This is also a way to install all MS CAstore (sst) files again - simply delete all the file date entries under section [CAupdaterLog] in CAupdater INI file and start CAupdater again.

If you want to run CAupdater without any confirmation dialog you can set the entry "NoConfirmation=1" in CAupdater INI file.
Then only Errors will be shown.
With set to 2 only a small information dialog is shown on the end and close after five seconds.

For special situations you can use two batch files stored in the subdirectory "UpdRoots".
This will install the local stored MS CAstore (sst) files the same way as WU / MU do and set also all registry settings needed.
The two batch run only this commands:
#RootsUpdate.bat        Rundll32.exe advpack.dll,LaunchINFSection rootsupd.inf,DefaultInstall
#RevokedRootsUpdate.bat        Rundll32.exe advpack.dll,LaunchINFSection rvkroots.inf,DefaultInstall

The INF files are modified as shown by heinoganda in the first post of this thread

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×