Root Certificate Not Enabled as a Trusted Root

ID: Q196316

The information in this article applies to:

Microsoft Internet Explorer Administration Kit versions 4.0, 4.01, 4.01a

SYMPTOMS

When you use the Microsoft Internet Explorer Administration Kit (IEAK) installation or the Automatic Configuration, Internet Explorer tries to open a .cab file and the following error message occurs:

   Root certificate has not been enabled as a trusted root.

This error occurs even if the file has been properly signed with a certificate from a valid Certificate Authority (CA).

CAUSE

During the installation of Internet Explorer, the Setup Personalization did not run under this user account or on this system.

WORKAROUND

Verify that the CA is in the browser's list of Root Authorities. To do this, use the following procedure:

1. In Internet Explorer, click Options on the View menu. 2. Click the Content tab. 3. Click Authorities. 4. In the drop-down box, click Software Publishing and look at the

   list of CAs.

If all of the defaults are missing, then the Internet Explorer Setup Personalization did not run under this user account or on this system. It is recommended that you reinstall Internet Explorer on this client computer, using your IEAK build, to add in the Root Authority.

If there are CAs in the list, but not the correct ones, you will have to add in the Root Authority manually.

Additional query words: ca ieak root authority

Technology        : internet
Version           : WINDOWS:4.0,4.01,4.01a
Platform          : WINDOWS
Issue type        : kbprb

Last Reviewed: November 25, 1998