#MICROSOFT AUTOUPDATE 4.31.21011103 UPDATE#
Registry settings for storing CTLs New settings enable changing the location for uploading trusted or untrusted CTLs from the Windows Update site to a shared location in an organization.
#MICROSOFT AUTOUPDATE 4.31.21011103 SOFTWARE#
The following improved automatic update mechanisms for a disconnected environment are available in Windows Server 2012 R2 and Windows 8.1 or when the appropriate software update is installed: This resulting in the following challenges:Īlthough disabling automatic updates for trusted CTLs is recommended for administrators who manage their lists of trusted root certificates (in disconnected or connected environments), disabling automatic updates of untrusted CTLs is not recommended.įor more information, see Controlling the Update Root certificate Certificates Feature to Prevent the Flow of Information to and from the Internet.īecause there was not a method for network administrators to view and extract only the trusted root certificates in a trusted CTL, managing a customized list of trusted certificates was difficult task. An administrator could not selectively enable or disable one or the other. Prior to Windows Server 2012 R2 and Windows 8.1 (or the installation of the software update, as previously discussed), the same registry setting controlled updates for trusted root certificates and untrusted certificates.
For more information, see Announcing the automated updater of untrustworthy certificates and keys. Client computers access the Windows Update site by using the automatic update mechanism to update this CTL.Ī list of untrusted certificates is called an untrusted CTL. When you want to distribute trusted root certificates, the list of trusted root certificates is stored in a CTL.
These certificates are trusted by the operating system and can be used by applications as a reference for which public key infrastructure (PKI) hierarchies and digital certificates that are trustworthy. Trusted root certificates are meant to be placed in the Trusted Root Certification Authorities certificate of the Windows operating systems. For more information about the list of members in Windows Root Certificate Program, see Windows Root Certificate Program - Members List (All CAs). The Microsoft Root Certificate Program enables distribution of trusted root certificates within Windows operating systems.
To provide the enhancements of the automatic update mechanism that are discussed in this document, apply the following updates: Certificates and trust Software updates are available for Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, Windows 8, Windows 7, and Windows Vista.
0 kommentar(er)
