Microsoft Root Certificate Authority 2011.cer Portable -

You might think a root certificate from 2011 is old news. In reality, it is still actively used. If this certificate is missing or untrusted, the following scenarios break:

A: You may have both the SHA-1 and SHA-256 thumbprint variants, or the cross-signed version from another CA (like VeriSign). Check the "Issuer" column—the legitimate one is self-issued. microsoft root certificate authority 2011.cer

Option A — Download from Microsoft (recommended) You might think a root certificate from 2011 is old news