Chanklish 1 Posted September 13, 2023 Share Posted September 13, 2023 hello all websites are getting certificates revoked errors on endpoints .. i believe maybe my sophos firewall is causing this how to import the CA of sophos (or cert) to protect ? maybe this will solve my issue Link to comment Share on other sites More sharing options...
Administrators Marcos 5,307 Posted September 13, 2023 Administrators Share Posted September 13, 2023 Please provide logs collected with ESET Log Collector from the machine. Link to comment Share on other sites More sharing options...
Chanklish 1 Posted September 27, 2023 Author Share Posted September 27, 2023 On 9/13/2023 at 2:06 PM, Marcos said: Please provide logs collected with ESET Log Collector from the machine. here you go ees_logs.zip Link to comment Share on other sites More sharing options...
Administrators Marcos 5,307 Posted September 27, 2023 Administrators Share Posted September 27, 2023 Please set HKLM\Software\Policies\Microsoft\SystemCertificates\AuthRoot\DisableRootAutoUpdate to 0 and reboot the machine. It should work after root CA certs get updated. Link to comment Share on other sites More sharing options...
Chanklish 1 Posted September 27, 2023 Author Share Posted September 27, 2023 i have the same issue for all users ..more than 250 Link to comment Share on other sites More sharing options...
Chanklish 1 Posted September 27, 2023 Author Share Posted September 27, 2023 also the users dont have internet , only specific sites Link to comment Share on other sites More sharing options...
Most Valued Members ewong 8 Posted October 13, 2023 Most Valued Members Share Posted October 13, 2023 Would you happen to be using GPO? If so, create a new GPO that sets that registry item. It would be very tedious to do that manually. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,307 Posted October 13, 2023 Administrators Share Posted October 13, 2023 On 9/27/2023 at 12:06 PM, Chanklish said: also the users dont have internet , only specific sites On offline computers you could update root CA certificates as per the instructions at https://learn.microsoft.com/en-us/windows-server/identity/ad-cs/configure-trusted-roots-disallowed-certificates. Link to comment Share on other sites More sharing options...
Recommended Posts