e-t-c Posted May 5, 2022 Share Posted May 5, 2022 (edited) Hi together, Question: Is there any up-to-date Root Certificates (?) Update Pack for Windows 7 around? Why: NET::ERR_CERT_INVALID Error with Brave Browser Quote "Dies ist keine sichere Verbindung" oder "NET::ERR_CERT_AUTHORITY_INVALID" oder "ERR_CERT_COMMON_NAME_INVALID" oder "NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM" oder "ERR_CERT_SYMANTEC_LEGACY" oder "SSL-Zertifikatfehler" No error with Firefox (brings his own certificates). PS: Manual Root Certificates Update does not help ... http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab Quote Using any archiver (or even Windows Explorer) unpack authrootstl.cab. It contains one file authroot.stl. You can install this file in the system using the context menu of the STL file (Install CTL). SSL to TLS 1.2 Update ... https://www.ryadel.com/wp-content/uploads/2019/10/TLSFix_TLS12.zip SHA-1 to SHA-256 Update ... https://www.catalog.update.microsoft.com/Search.aspx?q=KB4474419 Yippie! Just found a SOLUTION: https://community.brave.com/t/net-err-cert-date-invalid-error-on-all-sites/286493/6 Quote Check if automated root certificate update is turned off, if it is then turn it on. It will auto update the certificate. Edited May 5, 2022 by e-t-c Link to comment Share on other sites More sharing options...
Humming Owl Posted May 5, 2022 Share Posted May 5, 2022 As another probable solution you can use @heinoganda's certificate updater for XP. I used it on Win 7 and worked to solve some certificate issues I got a while ago. It is a manual process but some people would prefer it over an automatic update. https://msfn.org/board/topic/175170-root-certificates-and-revoked-certificates-for-windows-xp/?do=findComment&comment=1110568 Cheers. 2 Link to comment Share on other sites More sharing options...
UCyborg Posted May 5, 2022 Share Posted May 5, 2022 Note that the solution above...depends on your POV and what sites you visit, but you may end up with TONS of certificates you'll NEVER need. Microsoft's default way is on demand, if a root certificate of the site doesn't exists in your store, a check is performed if MS trusts it and if it does, the certificate is fetched and put in the store. 1 Link to comment Share on other sites More sharing options...
jmeno Posted May 7, 2022 Share Posted May 7, 2022 Have some browsers their own certificate implementation? Or a proxy... Link to comment Share on other sites More sharing options...
Mathwiz Posted May 30, 2022 Share Posted May 30, 2022 @jmeno, Firefox (and forks of it such as PaleMoon) have their own certificates independent of Windows. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now