Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


heinoganda

Root Certificates and Revoked Certificates for Windows XP

Recommended Posts

Gents - I'll get back to you shortly with more screenshots from this certificate error.

Meanwhile, I just found this in my Event Viewer on my XP machine - and it seems to have been an automatic thing - not done by me manually:

Quote

Event Type:    Information
Event Source:    crypt32
Event Category:    None
Event ID:    7
Date:        2/6/2017
Time:        12:36:30 PM
User:        N/A
Computer:    [My XP computer]
Description:
Successful auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

So - is my PC updating certificates automatically, without my running Heinoganda's Cert_Updater?

Thanks.

Share this post


Link to post
Share on other sites

I get those updates regularly as well.

I think this was mentioned before somewhere way back in the thread, and they are actually something else, and you do still need to update using Heinoganda's program, or another method.

:unsure:
 

Share this post


Link to post
Share on other sites

For one thing, nobody forces you to use the certificate updater and the second the rekoved root certificates do not get you on this way! The actual problem the more modern encryption procedure are used more and more where OE6 its problems is thus not resolved. Send me a few links with which I can test to find a solution or better take a more modern e-mail client (for example Mozilla Thunderbirth or Opera Mail).

:)

Edited by heinoganda

Share this post


Link to post
Share on other sites

The best solution for e-mail is, hands down, any good web-mail server (I don't like Gmail, though...). Tey usually have good anti-spam measures and the messages remain out of one's machine, together with the attachments. Only those attachments one downloads willingly will actually enter one's machine.
I dont like "the clouds" for most uses, but for this one I think it's great! Of course, those are just my 2¢, and YMMV wildly...

Share this post


Link to post
Share on other sites

HOLD ON - I'M EDITING BELOW

Gents - all good advice as always.  My emails back to 2008 are the only reason I'm holding on to my XP machine with OE6 anyway.  Time to plan a migration to my better dual-booting Win 7 - 10 machine - to put an email client on both parts and somehow move my old emails there.  But I think it won't be easy, especially as I would like both parts of the machine to look at the same email databases on a second drive and keep current with each other.

Just FYI - I got a security alert email yesterday from Chase Bank that led me to call them.  Straightened everything out - no problem - but the security emails from Chase generate this new warning about ActiveX when I try to view them:

589dc8a6bca9c_Chaseemailactivexproblem2-9-17.jpg.6947ca1dd7f20d136fae9368348837d0.jpg

And I have also attached a Word doc with screenshots from Natural Rug email's original error message from a few days ago that I described above.

EDIT - I am also attaching the der .cer file from the Natural Rug email - I opened it in notepad and it's in Chinese !!!  Is that normal ???  We've ordered from that company before and they're here in the US.

Thanks !!

Natural Rug certificate error messages 2-2-17.doc

Natural Rugs DER info.cer

Edited by glnz

Share this post


Link to post
Share on other sites

Since I am with the POP fetch with various e-mail clients the setting, the e-mails are not to be deleted by e-mail account, but only by deleting corresponding e-mails in the e-mail client only this from the e- Mail account, you can always access the existing e-mails, regardless of the location or e-mail client. Has me definitely that kind of anger spared to export retrieved e-mails to another e-mail client. On the other hand my assumption is confirmed, on the basis of your certificate info, the OE6 with newer encryption methods not working natively (works on the basis of IE).

:)

Edited by heinoganda

Share this post


Link to post
Share on other sites

authroots.sst and roots.sst (EDIT: updroots.sst too) were updated by Microsoft on 2017/02/28 and released today in March's scheduled release.

Those using heinoganda's Cert_Updater.exe should run it ASAP. Others needing a redistributable RootsUpd.exe should follow his instructions for creating their own, or PM me for an updated EXE file.

Edited by 5eraph
Added updroots.sst to the list.
  • Upvote 5

Share this post


Link to post
Share on other sites

Can someone please give me a good download link to heinoganda's Cert_Updater.exe ... all I keep getting is a download button for the Torch Browser. I know nothing about that browser and have no need for it ... I would like to download the cert updater by heinoganda.

thanks ...

... if that is a good browser for WinXP then I will download if others here are using it.

 

Edited by monroe

Share this post


Link to post
Share on other sites
2 hours ago, monroe said:

Can someone please give me a good download link to heinoganda's Cert_Updater.exe ...

Here it is.

When You are on Zippyshare, press "Download now" link once, then close pop-up window(s), then press "Download now" link once more.:yes:

Edited by Bersaglio
  • Upvote 1

Share this post


Link to post
Share on other sites
11 hours ago, 5eraph said:

authroots.sst and roots.sst were updated by Microsoft on 2017/02/28 and released today in March's scheduled release.

Did you mean "updroots.sst and roots.sst"? Not trying to be nitpicky, I just want to determine if this is yet again a case of MS file caches being out of sync around here. (Last year there was one time it took over a week for the updated files to become available here, even though everyone else seemed to be getting them OK.) As of now, I'm not seeing an authroots.sst update, but I am seeing a new updroots.sst.

Share this post


Link to post
Share on other sites

Thanks Bersaglio for the help explanation. I got the download ... I was not familiar with using the Zippyshare download site. I did seem to be going around in circles at times. I'm not sure how I got the Torch browser download.

monroe

Share this post


Link to post
Share on other sites
55 minutes ago, mixit said:

Did you mean "updroots.sst and roots.sst"? Not trying to be nitpicky, I just want to determine if this is yet again a case of MS file caches being out of sync around here. (Last year there was one time it took over a week for the updated files to become available here, even though everyone else seemed to be getting them OK.) As of now, I'm not seeing an authroots.sst update, but I am seeing a new updroots.sst.

I've now got:

authroots.sst 28/02/17
delroots.sst 12/11/16
roots.sst 24/07/15
updroots.sst 12/11/16
disallowedcert.sst 25/05/16

Does that look right? Of course I can't remember what the dates were before, I should have noted them, but authroots.sst seems to be the only obvious new one.
:)
 

Share this post


Link to post
Share on other sites

If using Firefox, search for the CanvasBlocker add-on. It will block or defeat canvas fingerprinting.

Edit: Looks like Sampei.Nihira already has CanvasBlocker ;)

Edit 2: Well, that was a bust. Cert. Updater is failing for me with this:

Open SrcStore failed => 0x80092003

A search turns up: 0x80092003 = CRYPT_E_FILE_ERROR = An error occurred while reading or writing to the file.

Something must have had the cert. stores in use. I closed Excel and Windows Live Mail and tried again, and it worked. But I only got an updated ROOTS.SST :unsure:

Edited by Mathwiz

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×