So, apart from all the workarounds, there's no real fix yet?
Windows 10 ,Feature Update to 1909, Certificates missing after
Any one seen this issue ,only occurring in about the last week. It maybe a wider issues globally. Not sure what triggered it.
Basically in the last few days some updates from 1809 to 1909, after completed, the local laptop certs are missing. Which is a problem for all our home users on VPN! (i.e. with covid still around)
23 answers
Sort by: Most helpful
-
-
NOELRPG45 1 Reputation point
2020-10-31T21:10:24.813+00:00 no fix yet until MS releases updated or refreshed installation media according to these MS articles 4577671 & 4573911
https://support.microsoft.com/help/4577671/
https://support.microsoft.com/help/4579311/look at the "known issues" sections of those articles that mention about System and user certificates being lost.
-
Joy Qiao 4,886 Reputation points Microsoft Employee
2020-11-02T05:22:39.197+00:00 Hi All,
Known issue text for the certificate removal issue has been published on Windows 10, version 20H2 and Windows Server, version 20H2 and also has been update in Windows Update KBs for 2020 9C through 2020 10c for the 1903/1909 and 20h1/20h2 releases of Windows 10. Here is a link for quick review: https://support.microsoft.com/en-us/help/4580364
@Chris G I noticed you shared created script for this issue, but any manual or scripted solution must take into account / include the Root (ROOT) and Intermediate (CA) stores in the recovery to avoid cert Chaining/Validation issues. I am afraid that scripts don’t appear to consider Root (ROOT) Rot and Intermediate CA stores located in the following registry hives.
Bests,
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. -
Su, Steven S 21 Reputation points
2020-11-02T05:31:01.947+00:00 The results of my environment test are as follows: The certificate disappeared from 1809 to 1909, and it was tested to be affected by the patch KB4577668. Remove the patch from 1809 and upgrade to 1909 and it will work normally.
-
JJ 1 Reputation point
2020-11-03T15:54:07.58+00:00 We have also seen this issue when upgrading from 1803 to 1909 using the Windows 10 update through SCCM.
We are not deploying via an update package or task sequence due to the current situation with everyone working from home - using the update directly via SCCM, we can specify that the content comes directly from Microsoft which doesn't impact out bandwidth from our datacentre.@Joy Qiao can you confirm that Microsoft are aware of this issue and are working on a solution - I can see from the details of KB4577671 (for 1903 and 1909) https://support.microsoft.com/en-gb/help/4577671 that the known issue is documented when upgrading from 1809, but not from 1803.
The script provided by @Chris G works for fixing the issue after the upgrade, but a fixed update would obviously be a better solution.