May 2022 Deployment Notice - Microsoft Trusted Root Program
On Tuesday, May 17, 2022, Microsoft released an update to the Microsoft Trusted Root Certificate Program.
This release will remove the following roots (CA \ Root Certificate \ SHA-1 Thumbprint):
- U.S. Federal Public Key Infrastructure (US FPKI)\ U.S Government Common Policy \ 905F942FD9F28F679B378180FD4F846347F645C1
Note
- As part of this release, Microsoft also updated the Untrusted CTL time stamp and sequence number. No changes were made to the contents of the Untrusted CTL but this will cause your system to download/refresh the Untrusted CTL. This is a normal update that is sometimes done when the Trusted Root CTL is updated.
- The update package will be available for download and testing at: https://aka.ms/CTLDownload
- Signatures on the Certificate Trust Lists (CTLs) for the Microsoft Trusted Root Program changed from dual-signed (SHA-1/SHA-2) to SHA-2 only. No customer action required. For more information, please visit: https://support.microsoft.com/en-us/help/4472027/2019-sha-2-code-signing-support-requirement-for-windows-and-wsus
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for