How to update root certificates for Kaspersky Embedded Systems Security 2.0 manually

Latest update: April 06, 2021 ID: 13727
The article concerns Kaspersky Embedded Systems Security version 2.0.


Kaspersky Embedded Systems Security 2.0 may function with errors on operating systems which are not supported by Microsoft and do not receive regular updates. The errors occur because the root certificates are outdated. 

Possible errors:

  • The Applications Launch Control rules work incorrectly for applications identified as trusted according to the certificate in the operating system. The system may block Kaspersky Embedded Systems Security 2.0 if the Applications Launch Control component is configured the following way:
    • The mode of active rule application.
    • No additional rules for Kaspersky Embedded Systems Security 2.0 based on other characteristics than a digital certificate.
  • Automatic generating of Applications Launch Control rules allowing access when the trusted certificate is detected (the application uses SHA256).
  • False critical event entries on corrupted components are generated after running the Software Modules Integrity Check task.


Update the root certificates manually:

  1. Create the list of last root certificates on a computer running Windows 10 which is regularly updated. To do so, run the following command:
certutil.exe -generateSSTFromWU roots.sst
  1. Move the roots.sst file to the folder C:\PS\rootsupd\ on the computer where the certificates will be manually updated.
  2. Download the archive and extract the rootsupd.exe file from it.
  3. Run the rootsupd.exe file with the following parameters:
rootsupd.exe /c /t:C:\PS\rootsupd
  1. Click No in the dialog window that opens:

Do not rewrite roots.sst

  1. After running the command, make sure that the folder contains the utility file, updroots.exe.
  2. Install the latest root certificates using the updroots.exe utility: To do so, run the following command:
updroots.exe roots.sst

The root certificates will be updated.

Did you find what you were searching for?
Thank you for your feedback!