question

edcdan avatar image
1 Vote"
edcdan asked ·

Self-signed SSL certificates stopped working in Insider Preview builds

Our company develops a Windows application used by hundreds of customers that operates a web service on an atypical port to which we assign a self-signed SSL certificate. Prior to upgrading to the latest Preview builds, this worked properly, and it is working properly on my colleagues' and our customers' computers that are not running Insider Preview builds. I have tested this on two different computers running recent Insider Preview builds, however, and got the same failing result:

After installing the certificate via our installer, netsh shows that it is properly installed in the system certificate store. When looking in the Certificates snap-in in MMC, the certificate is present, though marked invalid. If I copy it into Trusted Root Certification Authorities, it is recognized as valid -- a step that was not previously necessary.

22009-image.png

22224-image.png

22145-image.png

If I run curl from the command-line, before copying the certificate into Trusted Root Certification Authorities, I get an invalid certificate error. After I copy it into Trusted Root Certificate Authorities, curl works as expected, and my web service responds properly. However, no web browsers (neither the new Edge, Chrome, or Firefox) except Internet Explorer will accept the certificate, and instead respond with a connection reset error.

22264-image.png

vs.

22242-image.png

I also tried using the self-signed certificate on a test website in IIS, and it's the same story.

22281-image.png

Have there been any changes to the way the certificate store works that would have altered this behavior, and what changes must we make to accommodate those changes?

Both computers I tested on are running Windows 10 Pro for Workstations Insider Preview version 2004. The desktop is running 20201.1000 and the laptop 20190.1000.

windows-10-securitywindows-10-networkwindows-10-application-compatibility
image.png (7.8 KiB)
image.png (27.0 KiB)
image.png (76.9 KiB)
image.png (62.7 KiB)
image.png (20.7 KiB)
image.png (14.3 KiB)
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

CandyLuo-MSFT avatar image
0 Votes"
CandyLuo-MSFT answered ·

Hi ,

>>Both computers I tested on are running Windows 10 Pro for Workstations Insider Preview version 2004. The desktop is running 20201.1000 and the laptop 20190.1000.

The Feedback Hub app lets you tell Microsoft about any problems you run in to while using Windows 10. You can report this issue to Microsoft directly with the Feedback Hub app.

For more information on using the app, click here:

https://support.microsoft.com/en-us/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app

There might be some early adopter issues at this time with Windows 10 2004, if possible, I would recommend you wait a bit until Windows 10 2004 matures with future cumulative updates.

If this issue is urgent, I would also suggest you contact Microsoft Customer Support and Services where more in-depth investigation can be done so that you would get a more satisfying explanation and solution to this issue.

You may find phone number for your region accordingly from the link below: 

https://support.microsoft.com/en-us/help/4051701/global-customer-service-phone-numbers

Best Regards,

Candy



·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

tamking2-2147 avatar image
0 Votes"
tamking2-2147 answered ·

Have you had any luck with this?
I have noticed issues with 1909 as well where creating a certificate from SelfCert.exe isn't automatically registering and Trusting the Certificate Path.

·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.