Microsoft-Windows CAPI2 failed extract of third-party root list from auto update cab


Hi, I get this error in the last few weeks and I am not sure, whether I should do something about it. I went to TechNet, Event ID 11 Automatic Root Certificates Update Configuration, but I would need something simpler that I can follow. Confuseduser P.S. Exact error message is below: -
Log Name:      Application
Source:        Microsoft-Windows-CAPI2
Date:          27/05/2009 8:42:16 PM
Event ID:      11
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      Helga-PC
Description:
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-CAPI2" Guid="{5bbca4a8-b209-48dc-a8c7-b23d3e5216fb}" EventSourceName="Microsoft-Windows-CAPI2" />
    <EventID Qualifiers="49154">11</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2009-05-27T10:42:16.000Z" />
    <EventRecordID>32381</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>Helga-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab</Data>
    <Data>A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
</Data>
  </EventData>
</Event>
 

Question Info


Last updated September 17, 2019 Views 214,926 Applies to:
Answer
Answer
I don't see any reason the solution above would not work in Vista.  I see the same folder structure and registry entries on Vista. 

If you are not familiar with the registry, here is a very detailed instruction set on how to delete entries:  http://support.microsoft.com/kb/136393

Be sure to use the export option before deleting entries in order to back them up.

1 person was helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Answer
Answer
This does help.

Now that you've pointed this out I've seen the same behaviour in the CAPI2 Event Viewer log file. My Windows 7 clients have been trying to access two URL's at the domain http://crl.microsoft.com/

None of the posts I had seen on this had mentioned the need for this path.

Thanks,

Michael

hi

Here's a basic definition for CRL in general terms. You can search Google using "Certificate Revocation List" and find a lot more information.

it could also be that direct X is looking for some updated drivers

what happens is that your browser is checking for provoked certificates , is perfectly normal and safe , its to keep you safe

have a nice day

ps for some further info

http://technet.microsoft.com/en-us/library/dd772269.aspx
Scan with OneCare + 50 Windows 7even Tips + Plagued by the Privacy Center? REMOVE IT + Threat Research & Response Blog + Sysinternals Live tools + TRANSLATOR+ Photosynth + Microsoft Security + Microsoft SUPPORT + PIVOT from Live Labs + Microsoft Live Labs + Office 2010 beta + Get Windows LIVE!
Microsoft SUPPORT >> support.microsoft.com
Microsoft SECURITY >> www.microsoft.com/security

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.