Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)


Topic review


The 800B0109 error was caused by an intermediate cert not pushed to the cert store (though it was to browsers).
Getting 80092012 now, which appears to be a CRL issue.
The end cert does not contain CRL or OSCP info at all. Chrome/Firefox/Edge do not complain.

WinSCP check for updates results in "certificate not trusted" error

WinSCP version: 5.13.3
1. Windows 10 Version 1803 (OS Build 17134.137)
2. Windows Server 2016 Version 1607 (OS Build 14393.2339)
Error message:
Certificate not trusted.
Error: 800B0109, Chain index: 0, Element index: -1
Server certificate verification failed: issuer is not trusted

Both machines are behind a corporate proxy. The proxy terminates SSL to inspect traffic and issues on the fly a local cert for the machine to proxy connection. The issuer's root cert is pushed by policy to the machines and all other programs have no issue.

Does WinSCP not use the Windows Certificate Store and keeps its own list of trusted root certs?
Or perhaps has a hardcoded check for a particulate certificate it expects to receive?