Untrusted app chain terminated in a root ... isn't trusted 0x800B0109 RRS feed

  • Question

  • Installing an .appx (3 of them actually from same developer) results in this error as of ~ July 2019

    It happens with both apps they have in the "Windows store" and with app versions obtained from the third party external website.

    Looking at the Signature Information ->View Certificate -> Path says "This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store"

    The app validity period dates from 2017 to 2100 and the installers had been working previously. This leads me to believe they are still using the same signage.

    PCs which had the app months ago then later received an update still work - the root cert is still in place from initial installation, I guess.

    How does a dev's CA get into the store - can it be part of the installation process - then what has changed in Windows that caused this to no longer work? i.e. a default setting change has been instituted that causes that cert to no longer be trusted [i..e max future expiry date, perhaps, as 2100 seems excessive]? Or a method used in the install process has changed? Is the CA root bundled in the package or imported on the fly from said third party network so a communication error may be the cause?

    • Edited by OttIT Wednesday, April 29, 2020 6:29 PM
    Wednesday, April 29, 2020 6:27 PM