locked
Adding a new trusted root CA in domain doesn't work?

    Question

  • So I'm back in the office today, and I wanted to verify that the problems I was having with both exchange and some of our own apps wasn't caused by being off the corporate network, but it seems pretty clear now that I can't form encrypted connections that use our domain CA (given that wifi is failing as well).  I have the CA certificate installed in the local machine trusted root CA folder (same as on all the other machines that I have), but nothing that depends on it seems to work.  The cert does also show up in the current user hive as well.  Is there a limitation where you can't install new root CAs in this build, or where they aren't picked up somehow?  Again, not doing anything that didn't work in 7. 


    Monday, September 26, 2011 9:46 PM

All replies

  • Can you validate the time setting of your computer? We saw an issue where the time was off by a few years that caused crypto operations to fail.

    Tripp

    Monday, September 26, 2011 11:41 PM
  • Nope, date/time are correct.

    Tuesday, September 27, 2011 12:29 PM
  • So, any ideas on this?  I've tried removing/adding the cert a few times, but it still appears to be failing.  Has anyone else been able to add a custom CA to Win8?  One of the apps that I want to try porting to metro relies pretty heavily on TLS, as do the desktop apps that I want to validate, so these crypto operations failing is kind of a breaking change for us. 
    Wednesday, September 28, 2011 4:26 PM