Jun 2

The AddTrust External CA Root expiry on the 30/5/2020 has caused some issues for older clients, while the fix on Linux based systems is quite widely documented, for Windows its a bit less clear.

The quickest fix is to open the certificate store (mmc > add remove snap in > certificates > local computer), and set each AddTrust Certificate with the 30/5/2020 expiry to disabled (right click the cert, properties, and set to disabled), then reboot the server. In my experience the certificate under ‘Trusted Root Certification Authorities’ did the trick.

Then the chain should verify on a checker such as https://whatsmychaincert.com/