is there any reason for breaking 'Microsoft Root Certificate Authority' certificate in Windows 10 20H2 ?

LEE, SEUNGWAN (이승완_CoreSW) 6 Reputation points
2021-08-02T03:43:47.65+00:00

Hello,

it seems there is a problem which is broken ''Microsoft Root Certificate Authority' certificate in My customer's PC(Windows 10 20H2).

When they tried to install a printer driver which get signed with sha1 alorithm, the Windows 10 OS don't know the driver got the digitally signed.
119714-image.png

They tried to install the printer driver using Add printer wizard and it showed 'it is not digitally signed'.(Sorry about chinese. they translated it.)
119600-image.png

But, we found out a driver which get signed with sha256 can be installed without no issue in the customer's windows 10.

So we tested this issue on several Windows 10 environment, but it didn't reproduce. the driver with signed sha1 can be installed on all our test Windows 10.
The add printer wizard showed ' the driver is digitally signed.'

we suspect this is one issue of 'Microsoft Root Certificate Authority' certificate. The certificate of customer's Window 10 doesn't have a compatibility for a driver with signed sha1 with any reason.

Could you know why Windows 10 don't allow the installing a driver with signed sha1 all of sudden ?

(FYI, )

I tried to reproduce similiar situation of it.

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
10,772 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. EckiS 821 Reputation points
    2021-08-02T04:36:56.687+00:00