Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

After install the SEP client MR5 i have receive from all machine this events: Error Crypt32

Updated: 21 May 2010 | 2 comments
ctrlq's picture
ctrlq
Accredited
0 0 Votes
Login to vote
This issue has been solved. See solution.

Hi Everyone!!!

After install the SEP client MR5 i have receive from all machine this event:

Event Type: Error
Event Source: crypt32
Event Category: None
Event ID: 8
Date:  06/10/2009
Time:  10:23:55 a.m.
User:  N/A
Computer: XXXXXXXX
Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

The Microsoft solution for this issue is in this article: http://support.microsoft.com/kb/317541/en-us

Some one know what happend?

Thanks in advance...

discussion Filed Under:
, , ,

Comments

sandip_sali's picture
06
Oct
2009
1 Vote -1
Login to vote
sandip_sali
Technical Support

Error Crypt32

Hi,

       This occurs because : -

This behavior can occur if the Update Root Certificates component is turned on and the computer cannot connect to the Windows Update server on the Internet. The Update Root Certificates component automatically updates trusted root-certificate authorities from the Microsoft Update server at regular intervals.

One of the reason why the computer cannot connect to the Windows Update Server might be due to wrong proxy settings.

Please follow the below link.

 http://support.microsoft.com/kb/317541/en-us

Thanks & Regards Sandip C Sali

SOLUTION
matt will fix it's picture
19
Jan
2010
2 Votes +2
Login to vote
matt will fix it

Root cause

The message from sandip_sali above does not address the root cause of this issue. Please mark this as the solution instead.

I have found the root cause of this issue. No one in Symantec could tell me the root cause, I figured it out for myself in the end. If you are getting Event ID 8 errors in the Event Log after installing SEP, its because SEP is using a self-signed certificate for client-server communication. Windows attempts to find the trusted root for the certificate, but because the computer account has no proxy set (or no proxy access), the update fails. This is triggered more often after SEP is installed as SEP keeps trying to use the self signed certificate.

1)      Computer account doesn’t have a proxy set, so can’t get out to the Windows Update website
2)      SEP is using a self signed certificate for client/server communication
3)      SEP uses the self signed certificate and Windows can’t find a trusted root certification authority
4)      “Update Root Certificates” component tries to connect to the internet to see if there is a new trusted certificate authority (See Turn off Automatic Root Certificates Update - http://technet.microsoft.com/en-us/library/cc749503(WS.10).aspx )
5)      Update root certificate doesn’t work as connection times out

Our solution:

1)      Turn off the updating of root certificates from the internet via GPO (see http://technet.microsoft.com/en-us/library/cc749503(WS.10).aspx )
2)      Install root certificates as part of the Windows Updates (this package does the same thing - http://support.microsoft.com/kb/931125 )

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
258,784