Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


heinoganda

Root Certificates and Revoked Certificates for Windows XP

Recommended Posts

Thanks, Mcinwwwwwwwwl and heino.  What version of certupdater should I be running on my XP machine, and should I just run it, or should I be doing something special with its folder or files?  I have been using Cert_Updater_v1.6.exe, but it came with other files that I don't understand.

I notice that many incoming emails on my XP machine (coming into Outlook 2003) have images that don't show -- I get blanks and a small square with a red X -- and yes I run certupdater every few months.  Maybe I'm NOT picking up the right cert files ???

Share this post


Link to post
Share on other sites

1 hour ago, glnz said:

I notice that many incoming emails on my XP machine (coming into Outlook 2003) have images that don't show -- I get blanks and a small square with a red X -- and yes I run certupdater every few months.  Maybe I'm NOT picking up the right cert files ?

Images often downloaded separately from the email that contains them because they're so large. Outlook uses IE to download these images. If IE can't download an image you'll get the red X, but there are lots of reasons IE might not be able to download from a particular server besides a certificate problem. For example, there may not be a TLS cipher that both the server and IE support. You may find that installing @heinoganda's version of ProxHTTPSProxyMII will resolve many of those download failures.

  • Like 2

Share this post


Link to post
Share on other sites

CertUpd.jpg

Update for root certificates:

New:

CN = A-Trust-Root-07
OU = A-Trust-Root-07
O = A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH
C = AT

 

Those using heinoganda's Cert_Updater.exe should run it ASAP. Others needing a redistributable rootsupd.exe should follow his instructions for creating their own, or PM at 5eraph for an updated EXE file.

:)

  • Like 5

Share this post


Link to post
Share on other sites
On 11/11/2019 at 5:27 PM, Mathwiz said:

Images often downloaded separately from the email that contains them because they're so large. Outlook uses IE to download these images. If IE can't download an image you'll get the red X, but there are lots of reasons IE might not be able to download from a particular server besides a certificate problem. For example, there may not be a TLS cipher that both the server and IE support. You may find that installing @heinoganda's version of ProxHTTPSProxyMII will resolve many of those download failures.

ProxHTTPSProxy is really wonderful tool. It allows access to many sites blocked and also to private & pubblic institution website not avaible before partially or totally (graphic defects/certificate errors/lack of visualization elements/address not reachable).

The question is: can we safely access these sites, through the ProxHTTPSProxy, entering sensitive credentials without any risk whatsoever (privacy, data theft, etc..)?

I suppose ProxHTTPSProxy couldn't expose severe security holes (otherwise Mr. Heinoganda would have warned about it) but, just to clear the field of doubts, are any security implications known?  

Share this post


Link to post
Share on other sites
On 11/18/2019 at 9:58 AM, Vistaboy said:

can we safely access these sites, through the ProxHTTPSProxy, entering sensitive credentials without any risk whatsoever (privacy, data theft, etc..)?

IMO yes; it's safe. Older, "weaker" encryption is used between the browser (IE or Chrome) and the so-called "front" server, and data is unencrypted between the "front" and "back" servers; but all this takes place within your own PC. No unencrypted or weakly-encrypted data ever leaves the PC. Thus, the connection between your PC and the Web server you're using will be as secure as the Web server is configured to make it.

It's conceivable that malware could be written to exploit ProxHTTPSProxy, but the number of folks using it is pretty tiny, so I doubt anyone would bother.

  • Like 2

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...