Skip to content
/ winroots Public

Replace/renew all Microsoft Third-party Root Certification Authorities certificates

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

i81b4u/winroots

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
README.md
README.md
 
 
gencabundle
gencabundle
 
 
newrootswin
newrootswin
 
 

Repository files navigation

winroots

Use at your own risk! While this procedure works for me, I can and will not guarantee it will work for you too!

To replace all Microsoft Third-party Root Certification Authorities certificates with certificates currently available in Mozilla's trust store (https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt), follow these steps:

  1. On a Linux box, md and cd into a directory where files will be downloaded/created;
  2. Execute (the commands in) gencabundle (wget, perl and openssl needed);
  3. Transfer ca-bundle.p7b to the Windows box;
  4. Start a powershell with administrator rights;
  5. Execute (the commands in) newrootswin while making sure that ca-bundle.p7b is in the current directory;
  6. Done.

About

Replace/renew all Microsoft Third-party Root Certification Authorities certificates

Topics

windows certificates replace public-key-cryptography

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published