Do you have any previous version of SEP / SAV installed, does this happen on a complete fresh install?

under the trusted root store do you see microsoft root authority certificated.

HI,

Any third party antivirus install previous ?

Try to install fresh sep client on system and check this error occured again or not ?

Try this steps:

1.      Open Control Panel.

2.      Double-click Add or Remove Programs.

3.      Click Add/Remove Windows Components.

4.      Double-click Application Server.

5.      Double-click Internet Information Services (IIS).

6.      Double-click World Wide Web Service.

7.      Select Active Server Pages.

8.      Click OK to close the World Wide Web Service dialog box, click OK to close the Internet Information Services (IIS) dialog box, and then click OK to close the Application Server dialog box.

9.      Select Certificate Services. Review the warning regarding the computer name and domain membership. Click Yes in the warning dialog box if you want to continue, and then click Next on the Windows Components page.

10.  On the CA Type page, choose one of the following, and then click Next:

• Enterprise root CA. An enterprise root CA must be installed on a domain member. The enterprise root CA will automatically issue certificates when requested by authorized users (that are recognized by the domain controller).
• Stand-alone root CA. A stand-alone root CA requires that the administrator issue each requested certificate.

11.  On the CA Identifying Information page, provide a common name for the CA, check the distinguished name suffix, select a validity period, and then click Next.

12.  On the Certificate Database Settings page, review the default settings. You may revise the database locations. Click Next.

13.  On the Completing the Windows Components Wizard page, review the summary, and then click Finish.

How to Install Certificate:

      1.      Open Internet Explorer.

2.      From the menu, select Tools, and then select Internet Options.

3.      Select the Security tab, and click Custom Level to open the Security Settings dialog box. Set the value in the Reset custom settings drop-down menu to Medium, click OK to close the Security Settings dialog box, and then click OK to close the Internet Options dialog box.

      4. Browse to: http://IP address of certification authority server/certsrv

5.      Click Download a CA Certificate, Certificate Chain, or CRL. On the next page, click Download CA Certificate. This is the root CA certificate that must be installed on the Forefront TMG computer. In the File Download dialog box, click Open.

6.      On the Certificate dialog box, click Install Certificate to start the Certificate Import Wizard.

7.      On the Welcome to the Certificate Import Wizard page, click Next. On the Certificate Store page, select Place all certificates in the following store and click Browse. In the Select Certificate Store dialog box, select Show Physical Stores. Expand Trusted Root Certification Authorities, select Local Computer, and then click OK. On the Certificate Store page, click Next

8.      On the Completing the Certificate Import Wizard page, review the details, and then click Finish.

      Verify that the root certificate was properly installed by performing the following steps.

a.       Open the Microsoft Management Console (MMC) Certificates (local computer) snap-in.

b.      Expand the Trusted Root Certification Authorities node, click Certificates, and verify that the root certificate is in place.

We had exact same situation, any help to this one is needed - installing root certicate ain't solution - there's 10000 clients which want's to be migraded from SEP11 to SEP12.1.2 - and some of them ain't on AD either so we cannot share this cert using it..

You did not mention which operating system you were attempting to install SEP onto. Is it safe to assume that this is the SEP client, given that you installed it successfully onto other computers?

I can find no KB documents for SEP with "Error 25010" or "Microsoft Test Root Authority".

sandra (who is most certainly not a gent )

I've tried installing it on both Windows 7 64-bit SP1 and Windows 8, both are using 12.1 R1 MP1.  I've received the same errors on both as well.

We have same problem when uppgrading from 11.0.6300.803

Installation log says:

CheckTeeferCertificate begin

CheckTeeferCertificate Test Root Certificate is not installed, the installation will rollback.

MSI (s) (A4!C8) [16:14:34:661]: Product: Symantec Endpoint Protection -- Error 25010. Could not locate "Microsoft Test Root Authority" certificate in "Trusted Root Certification Authorities" store. It is required for this build of Symantec Endpoint Protection. Please install it and retry Symantec Endpoint Protection installation.

Error 25010. Could not locate "Microsoft Test Root Authority" certificate in "Trusted Root Certification Authorities" store. It is required for this build of Symantec Endpoint Protection. Please install it and retry Symantec Endpoint Protection installation.

CheckTeeferCertificate end, returning: 1603

Action ended 16:14:34: CheckTeeferCertificate. Return value 3.

The only references I can find are either extremely outdated or not relevant to the 12.1.2015.2015 build. (You are all using the final build, I hope, and not e.g. a beta?) If anyone experiencing this issue with 12.1.2015.2015 hasn't yet opened a case, I would suggest doing so.

sandra

Version is 12.1.2015.2015 

Operating system on client is Windows Vista ultimate Edition.

Case opened.

We are also starting to experience this issue in our environment. I initially came across this issue trying to run a fresh 12.1.2 install on a Windows 7 Professional x64 laptop. Microsoft Root Authority and Microsoft Root Certificate Authority are both installed and do not expire until the year 2020 at the earliest. However, I still get this error when trying to run the install. Checking with our field technicians they too have come across this error within the last week, but to date none have resolved as far as I know.

Hi,

Recently we had also faced this issue with SEP 12.1 RU2 & It resolved after doing an upgrade to SEP 12.1 RU2 MP1.

Upgrade to SEP 12.1 RU2 MP1 can be the possible solution.