Intermediate certificates Removed From Windows 10

I followed the directions and used GPO to add the intermediate cert to my Windows 10 clients. It worked for a week or so then one at a time everyone started telling me they were getting cert errors when surfing the internet. Come to find out the intermediate cert had been removed.
Has anyone seen this, I can't seem to find any reason why this would have happened and I'm afraid to start again without knowing why.
I'm running a pretty current network with Server 2022 and Win 10 Clients. We also use Bitdefender as our AV.
Thanks for your help


  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Kucster
    Check to see if your antivirus is also doing content inspection. If it is, it you may need to install the firebox's certificate in the AV program, or turn content inspection off on one or the other (the firebox or the antivirus.)

    If both are doing content inspection, the firebox will do it first, and the antivirus will get traffic signed by the firebox's certificate, which it won't trust.

    -James Carson
    WatchGuard Customer Support

  • Options

    Thank you for the response @james.carson
    Bitdefender does offer content inspection, but I have it off. I see their cert in my user's cert store but I presume it is not in use.
    I've never seen a cert pulled so I didn't know if there was a setting or something else.
    I guess I will have to try with a couple of clients and see if it happens again

  • Options

    @james.carson I found the issue, someone came behind me and changed the WMI filter which removed the cert from the computers. I didn't even know an update like this would remove the cert, I assumed it would have left it there and just not installed it on computers who had not received the GPO yet.
    Thank you for your help and I'm very sorry to bother you with this.

Sign In to comment.