Windows 7 root certificate updates

Question

I work for a company that uses Windows 7 for end-user computing. The Windows 7 computers are updated via a WSUS installation, and access to Microsoft Update is blocked.

We have a problem with a number of websites whose certificates appear to be invalid, though they are perfectly okay. The problem is that Windows 7 apparently does an on-demand update of root certificates through Windows Update rather than rolling out a monthly update, as with Windows XP.

Now that Windows Update is blocked, how should root certificates be updated? It appears that WSUS is not handling this feature.

score 2 · Answer 1 · answered Oct 27 '12 at 11:28

2

Try to manually update the root certificates.

http://support.microsoft.com/kb/931125

answered Oct 27 '12 at 11:28

CrumpledMemories

656

score 1 · Answer 2 · answered Jul 14 '23 at 12:58

1

In my case for Windows 7 Professional 6.1.7601 Service Pack 1 Build 7601 Helped this console commands

Certutil -syncWithWU C:\cert
cd C:\cert
for %f in (*.cer, *.crt) do certutil -addstore -f "Root" "%f"

restart PC

answered Jul 14 '23 at 12:58

Ruslan Novikov

166

score 0 · Answer 3 · answered Aug 02 '24 at 01:14

0

Legacy Update

Thats what this what made for, just download it, it'll automatically download the certs and update your computer

answered Aug 02 '24 at 01:14

Nossy Drelich

81

Windows 7 root certificate updates

3 Answers3