How to update root certificates for Kaspersky Embedded Systems Security 2.0 manually
We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.
Accept and close



Kaspersky Embedded Systems Security 2.0


How to update root certificates for Kaspersky Embedded Systems Security 2.0 manually

Back to "Troubleshooting"
2018 Jul 04 ID: 13727


Kaspersky Embedded Systems Security 2.0 may function with errors on operating systems which are not supported by Microsoft and does not receive regular updates. The errors occur because the root certificates are outdated.  

Possible errors:

  • The Applications Launch Control rules work incorrectly for applications identified as trusted according to the certificate in the operating system. The system may block Kaspersky Embedded Systems Security 2.0 if the Applications Launch Control component is configured the following way:
    • The mode of active rule application.
    • No additional rules for Kaspersky Embedded Systems Security 2.0 based on other characteristics than a digital certificate.
  • Automatic generating of Applications Launch Control rules allowing access when the trusted certificate is detected (the application uses SHA256).
  • False critical event entries on corrupted components are generated after running the Software Modules Integrity Check task.


Update the root certificates manually:

  1. Create the list of latest root certificates on a computer running under regularly updated Windows 10. Use the command:
certutil.exe -generateSSTFromWU roots.sst
  1. Save the file roots.sst on the computer where the certificates will be updated.  
  2. Download the archive and extract the files from it:
crootsupd.exe /c /t: "C:\PS\rootsupd"
  1. Check if the archive contains the updroots tool. 
  2. Install the latest root certificates using the updroots tool:
updroots.exe roots.sst
Was this information helpful?
Yes No
Thank you


Have you found what you were looking for?

Please let us know how we can make this website more comfortable for you

Send feedback Send feedback

Thank you!

Thank you for submitting your feedback.
We will review your feedback shortly.


How can we improve this article?

We will not be able to contact you if you leave your email address or phone number. To contact technical support, please sign in to your Personal Account.

Submit Submit

Thank you for your feedback!

Your suggestions will help improve this article.