WinSCP version: 5.13.3
OS:
1. Windows 10 Version 1803 (OS Build 17134.137)
2. Windows Server 2016 Version 1607 (OS Build 14393.2339)
Error message:
Certificate not trusted.
Error: 800B0109, Chain index: 0, Element index: -1
Server certificate verification failed: issuer is not trusted
Both machines are behind a corporate proxy. The proxy terminates SSL to inspect traffic and issues on the fly a local cert for the machine to proxy connection. The issuer's root cert is pushed by policy to the machines and all other programs have no issue.
Does WinSCP not use the Windows Certificate Store and keeps its own list of trusted root certs?
Or perhaps has a hardcoded check for a particulate certificate it expects to receive?