CRYPT32 EVENT ID 11
We have very recently started receiving the following errors on multiple of ouyr Windows 2003 servers. Has anybody any idea if this is likely to cause any issues.
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A certificate chain could not be built to a trusted root authority.
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A certificate chain could not be built to a trusted root authority.
Jason Watkins
It could be that automatic updates cannot download and install the latest root certificate updates. Perhaps trying the download manually?
Agreed - that is my first assumption as well. Here is the current root certificate list from MS:
http://www.microsoft.com/downloads/details.aspx?FamilyId=c14f8940-71b7-41e3-8749-a00e01e22f17&displaylang=en
http://www.microsoft.com/downloads/details.aspx?FamilyId=c14f8940-71b7-41e3-8749-a00e01e22f17&displaylang=en
ASKER
After much digging around I would agree with both comments, the only thing about your reply Paranormastic is that the update you have pointed me too is for Win XP not Server 2003
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Still receiving Crypt32 errors on all servers after manually installing the new certificate. Interestingly though, If you look at the cerificate, it states the the certificate "is not valid for the requested usage"?!
One forum states that this was resolved by removing the Root Kit Update from Add/Remove programs but 1. We have over 200 Servers and 2. This is not a solution but a quick fix which or not recommended.
The actual certificate is retrieved OK and every hour this annoying Event 11 is logged on all servers irrespective of their role. The workstations appeared to have been logging this event but stopped randonly across the business. Unfoitunately the servers haven't so any further recommendations would be very much appreciated.
One forum states that this was resolved by removing the Root Kit Update from Add/Remove programs but 1. We have over 200 Servers and 2. This is not a solution but a quick fix which or not recommended.
The actual certificate is retrieved OK and every hour this annoying Event 11 is logged on all servers irrespective of their role. The workstations appeared to have been logging this event but stopped randonly across the business. Unfoitunately the servers haven't so any further recommendations would be very much appreciated.
ASKER
It looks like the certificate is valid, but not signed
ASKER
Thanks for the update Firebar, any idea how I get a signed one?
Have you seen this? http://technet.microsoft.com/en-us/library/cc734018%28WS.10%29.aspx