There are continuing reports in event viewer regarding code integrity of certain files related to security. Now I am suspicious about third party root certificates. I noted the following auto updates:
From the following:
Geotrust.com
Digicert.com
Equifax secure global
Addtrust External TTP Network
Go Daddy Class 2
Entrust.net
Thawte Consulting cc
Valicert.com
Verisign trust Network
My question is, How do I check the validity of these certificates?
Browsers are set in Internet Explorer to check for both publisher's certificate revocation and server certificate revocation. Also in Internet options>content>certificates you will find a list of trusted root certification authorities.
This information may help:
http://www.tech-faq.com/root-certificate-update.html
http://technet.microsoft.com/en-us/library/cc751157.aspx
http://www.felgall.com/brsgen10.htm
delphinium wrote:
Browsers are set in Internet Explorer to check for both publisher's certificate revocation and server certificate revocation. Also in Internet options>content>certificates you will find a list of trusted root certification authorities.
This information may help:
http://www.tech-faq.com/root-certificate-update.html
http://technet.microsoft.com/en-us/library/cc751157.aspx
http://www.felgall.com/brsgen10.htm
Thanks delphinium, it's all a bit too techinal for me though.
The quickest way to check is to go to Tools>Internet Options>Content>Certificates>Trusted Root Certification Authorities. You will find all of the ones you listed except for Valicert.
delphinium wrote:
The quickest way to check is to go to Tools>Internet Options>Content>Certificates>Trusted Root Certification Authorities. You will find all of the ones you listed except for Valicert.
Hi, delphinium ... is Valicert OK? I am just wondering why they are not normally included ... I don't know anything about root certificates and have never heard of several of them that I found in there ... I am just wondering if Valicert is considered a legitimate root or if I should delete it and run screaming into the closet ...
:: just kidding :: ... tin
According to RSA, Valicert is still required for some older certificates. It is expected to be completely replaced in 2012. In the meantime it is still on Go Daddy's list of secure certificate services.
https://certs.godaddy.com/anonymous/repository.seam: https://certs.godaddy.com/anonymous/repository.seam
Thanks much, Delphinium ... tin