I am getting these certificate errors in the CAPI2 section of event viewer CONSTANTLY, beginning immediately after turning on my PC, even before I have launched any programs or opened my browser. The processes listed in the errors as having certificate issues include core Windows components as well as other various programs and browsers I use. Basically everything, which means this is a systemic issue, correct me if I'm wrong.
I am highly concerned because some of these certificate errors list lsass.exe (Local Security Authority Process) and MsMpEng.exe (Windows Defender) as processes using non-trusted root certificate.
Errors include:
error 60 open store,
error 82 find security or catalog for file,
error 11 build chain,
error 30 verify chain policy,
error 41 verify revocation,
error 42 reject revocation information
error 81 verify trust,
error 53 retrieve object from network
When I googled these errors, lots of people especially on older versions of Windows get errors 11 and 4107 in the CAPI2 section of event viewer. I do NOT get ANY 4107 errors.
Additionally I just turned on my PC with no internet connection and I still get the errors, fwiw. For example ones that say various certs such as DigiCert Trusted Root G4 (as well as others) are "not trusted by the trust provider", but when I go into the MMC and find said certificates, they say they are valid and not expired. The moment I give the PC internet access again I get a bunch of the errors that list websites, for example: settings-win.data.microsoft.com, login.live.com, www.bing.com, r.bing.com, *.wns.windows.com, ecs.office.com, *.footprintdns.com, etc.
My PC is up to date, and I'm running Windows 10 Home.
I have tried running sfc /scannow as well as DISM. I have also tried resetting the catroot folder and resetting various services related to certificates. Also my PC's clock is synced and the time service is running.
Can someone help me make sense of these errors? To my eye it looks like a sync issue, like my clock is out of sync. But it isn't, so I'm not really sure what to do! My PC otherwise is functional.. Maybe these errors are normal?
Here are some examples of the errors I get in event viewer:
I am highly concerned because some of these certificate errors list lsass.exe (Local Security Authority Process) and MsMpEng.exe (Windows Defender) as processes using non-trusted root certificate.
Errors include:
error 60 open store,
error 82 find security or catalog for file,
error 11 build chain,
error 30 verify chain policy,
error 41 verify revocation,
error 42 reject revocation information
error 81 verify trust,
error 53 retrieve object from network
When I googled these errors, lots of people especially on older versions of Windows get errors 11 and 4107 in the CAPI2 section of event viewer. I do NOT get ANY 4107 errors.
Additionally I just turned on my PC with no internet connection and I still get the errors, fwiw. For example ones that say various certs such as DigiCert Trusted Root G4 (as well as others) are "not trusted by the trust provider", but when I go into the MMC and find said certificates, they say they are valid and not expired. The moment I give the PC internet access again I get a bunch of the errors that list websites, for example: settings-win.data.microsoft.com, login.live.com, www.bing.com, r.bing.com, *.wns.windows.com, ecs.office.com, *.footprintdns.com, etc.
My PC is up to date, and I'm running Windows 10 Home.
I have tried running sfc /scannow as well as DISM. I have also tried resetting the catroot folder and resetting various services related to certificates. Also my PC's clock is synced and the time service is running.
Can someone help me make sense of these errors? To my eye it looks like a sync issue, like my clock is out of sync. But it isn't, so I'm not really sure what to do! My PC otherwise is functional.. Maybe these errors are normal?
Here are some examples of the errors I get in event viewer:
