XBL client/server ipSec issuing CA (suspicious?)

When running antimalware/antilogger software it is now detecting 2 suspicious root CAs

XBL client IPsec issuing CA

XBL server IPsec issuing CA

why are they now showing up, should these be deleted or put in exclude safe list?

 

Question Info


Last updated September 16, 2018 Views 5,093 Applies to:

Hello Steve,

For us to better assist you, we'd like to know the following:

  • What antivirus software are you using?
  • Confirm which build is currently installed on your device. To check, follow the steps below:
  1. Press Windows key + R, then type in winver.
  2. Click OK.

We look forward to your response.

Regards.

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Same here.

Windows 10 1709  16299.19

Windows Defender does not show any information about this.

However my certificate is only valid from 29.10.2017 to 30.10.2017.

What is it? Where does it come from? 

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Hi,

Certificate error likely occurs when your time and date settings are incorrect. This can also be caused when your security certificate is expired. We would like to know more about the issue so we can assist you better. Please answer the following questions:

  • Can you tell us which window are you seeing the error?
  • If any, can you provide us the screenshot of the exact error message?
  • What troubleshooting steps have you done so far?

We're looking forward to your response.

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Hi Clark,

I also have this issue, but the certificate is dated from my Windows 10 1709 Fresh Install date.

I do not believe that this is an issue to do with Date and Time settings as the certificate has a validity period of only a day as you can see by this example:

I am assuming this has something to do with Xbox live considering the CA's prefix.

What I would like to know, is why is it there and what is it's purpose?

I may not have noticed it before, but this seems to be a new addition to Windows with 1709 and I cannot really find any mention of it after applying some google-fu.

Ethan O'Donnell - MCSE: Cloud Platform and Infrastructure; MCSA: Windows Server 2016; MCSA: Office 365; MS: Implementing Azure Infrastructure Solutions

1 person was helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Same issue here. It dates to when Win10 updated from 1703 to 1709:

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Same by me. One Day validity on a fresh Windows 10 (System since 12.11.17 existing) installation. Think Microsoft does not know what they do. Wish still my old Windows back. Windows 10 is not User-Friendly and i get every Day new Errors or Warnings in the Eventlog. Feels how a fresh Early-Access-Game from Steam - dirty and faulty :(

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

My testing suggests this is something to do with Xbox Live / Windows Store interaction.  I am finding that Forza Motorsport 7 on my PC will not start when the certificate is expired.  I then have to uninstall and reinstall an add-on or app from the store (I've been using the FM7 Doritos Hotpack addon) at which time a new certificate with a 1 day expiry gets created.

Microsoft really needs to review what is happening here - it's an easily reprodu ced issue.

2 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Since I never use the Xbox app so had no chance of breaking it and I've been having this same event log warning about the same certificate (with a different date) I decided to reset that app and immediately the certificate was replaced by a new one valid from today until tomorrow. I don't understand why a company like Microsoft would install a temporary certificate with their app like that. They should have the installer remove it after use if it isn't needed or set a real expiration timeframe and let it renew if it is needed.

10 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.