I've a development environment with a test public key infrastructure. This infrastructure has one root CA, one intermediate CA and multiple end-entities (clients and servers). On the dev. machines, the root CA is installed into the "Trusted Root Certification Authorities", simulating a "commercial trusted CA"
I've successfully used this environment several times in the past, however I'm currently observing the following behavior: the root CA is automatically removed f开发者_运维百科rom the "Trusted Root Certification Authorities" the first time a chain using it is built (e.g. SSL connection establishment).
I know that windows automatically adds certificates to the "Trusted Root Certification Authorities". However, I didn't knew that they could be automatically removed. What are the circumstances on which this removal can happen?
The root certificate doesn't point to a CRL nor to a OCSP endpoint.
Thanks
Pedro
精彩评论