Event ID 4107 Microsoft Windows CAPI2
Applies to:
Windows Server 2008, Windows Vista, Windows 7
Details
Product |
Windows Operating System |
ID |
4107 |
Source |
Microsoft-Windows-CAPI2 |
Version |
6.2 |
Message |
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. |
Cause
This error occurs because the Microsoft Certificate Trust List (CTL) Publisher certificate expired. A copy of the CTL with an expired signing certificate exists in the %windir%\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\CryptnetUrlCachefolder directory.
Event ID 4107 can also be logged with the following error message: “The data is invalid,” instead of “A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.”
The error message “Data is invalid” indicates the object that was returned from the network was not a valid .cab file. Hence, the Windows operating system could not parse it correctly. Instances of such an error can occur when the network retrieval attempt for the .cab file fails to go through a proxy server. If the proxy server returns some data or an error message instead of a standard HTTP error code, the Windows operating system tries to parse the received message from the proxy server, expecting it to be the .cab file. This will fail with the error message "Data is invalid.”
User action
1. Open a Command Prompt window. (To do this, click Start, click All Programs, click Accessories,
and then click Command Prompt.)2. At the command prompt, type the following command, and then press ENTER:
certutil -urlcache * delete
3. The certutil command must be run for every user on the workstation. Each user must log in and
follow steps 1 and 2.
If the expired certificate is cached in one of the local system profiles, you must delete the content of some directories by using Windows Explorer. To do this, follow these steps:
1. Open Windows Explorer. (To do this, click Start, click All Programs, click Accessories,
and then click Windows Explorer.)2. Enable the following hidden folders to view the directories with content that you must delete.
3. You may receive a message that states you do not have permission to access the folder.
If you receive this message, click Continue.
LocalService:
%windir%\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
%windir%\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
NetworkService:
%windir%\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
%windir%\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
LocalSystem:
%windir%\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
%windir%\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData