Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, November 28, 2019 2:13 PM
Hi there,
we deploy Windows 10 (currently 1809) in a corporate network, the clients don't have direct internet access (we use a proxy).
Unfortunately the root certificates are not updating. After a fresh installation there are only very view root certs available and they don't populate automaically.
Obviously you can't deploy the root certificates by WSUS, so we normally update the root vertificates manually in our standard images. But now I found out that in place updating Windows 10 to a higher version often leads to the issue that the certificate store is incomplete again, which leads to a lot of untrusted certificate errors, confused users and unhappy admins.
Can somebody please tell me how I can deploy the trusted root certificates manually? What is necessary to get the certs through a proxy?
Thanks and regards
Marcel
All replies (4)
Thursday, November 28, 2019 3:31 PM
Normal practice is connect to internet and update them.
Have you consider using Direct Access or VPN to make connection instead of proxy?
Friday, November 29, 2019 8:16 AM
Normal practise in a corporate network is using a proxy server for internet access for security reasons.
Of course we also use VPN but we need a solution for updating root certs through a proxy. If this is not possible, I can also configure the proxy to bypass certain URLs but I don't know which ones.
Friday, November 29, 2019 1:46 PM
Got my answer here:
http://woshub.com/updating-trusted-root-certificates-in-windows-10/
Tuesday, December 3, 2019 6:59 AM
Glad to hear this issue has been solved. Thanks for sharing, Hope your experience will help other community members facing similar problems.
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].