windows-server-2008-r2 – 自动从商店中删除受信任的根证书

前端之家收集整理的这篇文章主要介绍了windows-server-2008-r2 – 自动从商店中删除受信任的根证书前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我有一个受信任的第三方的根证书.我将此安装到 Windows Server 2008中的“受信任的根证书颁发机构”证书存储区,但它在未知时间从证书存储区中消失.

可能是什么导致了这个?

>证书尚未过期
>它似乎没有被撤销
>我无法在事件发生时看到任何相关的事件日志
>它发生在我的开发机器,测试环境和生产服务器上
>生产服务器不在域上,只是工作组(托管在Rackspace中)
>查询组策略(gpresult / h foo.html)并未报告我无法信任第三方根CA

我在c#命令行应用程序中使用以下代码来安装证书:

X509Certificate2 certificate = new X509Certificate2("trusted-root-cert.cer");
X509Store store = new X509Store(StoreName.AuthRoot,StoreLocation.LocalMachine);

store.Open(OpenFlags.ReadWrite);
store.Add(certificate);
store.Close();

每次我发布对应用程序的更改时,都会运行证书安装代码.我不知道这怎么会造成任何伤害,但值得一提.

我安装证书的方式可能有些不对劲.安装的首选方式是什么?

在应用程序事件日志中进行更彻底的挖掘,此条目发生:
Log Name:      Application
Source:        Microsoft-Windows-CAPI2
Date:          24/10/2014 12:49:10
Event ID:      4108
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      [redacted]
Description:
Successful auto delete of third-party root certificate:: Subject [...redacted...]

事实证明,如果无法识别第三方根CA,则可以将其删除

Typically,a certificate is used when you use a secure Web site or when you send and receive secure e-mail. Anyone can issue certificates,but to have transactions that are as secure as possible,certificates must be issued by a trusted certificate authority (CA). Microsoft has included a list in Windows XP and other products of companies and organizations that it considers trusted authorities.

http://toastergremlin.com/?p=144

猜你在找的Windows相关文章