Microsoft recently announced that the U.S. Federal Common Policy CA root certificate will be removed in the forthcoming Microsoft Root certificate update on May 24, 2022.
Common Federal Policy Root Certificate will be eliminated Trusted Root Program by Microsoft
As it is used to verify an end-user certificate, a root certificate serves as the foundation of authentication and security. These are granted by a certified authority (CA) and essentially serve to confirm the identity of the program or website owner. In a nutshell, it is a vital link in a chain of trust!
The Microsoft Trusted Root Certificate Program: What Function Does It Serve? It obtains root certificates from certified Certificate Authorities (CAs) and sends them to your device to determine whether Microsoft trusts the applications, apps, and websites in question.
The program has made certain critical changes, such as removing a few partners who will no longer take part in the program, to make this procedure more safe. It is done in an effort to aid consumers in better protecting themselves against emerging risks. A limited number of clients who have credentials from impacted partners may be impacted by the move, despite it being required.
The root certificate that’s being removed by the Microsoft Root Certificate Update is named “Federal Common Policy CA” and is commonly referred to as the “G1” root certificate even though “G1” does not appear in the certificate name. The root certificate that replaces the “G1” root certificate is named “Federal Common Policy CA G2” and is commonly referred to as the “G2” root certificate, mentions the Microsoft document.
Given the concerns, Microsoft urges all owners of digital certificates that it presently trusts to review the list and check to see if their certificates are connected to any of the roots it is removing. This is because of the company’s stricter technical and auditing standards. It is advised that clients who are utilizing certificates provided by one of the identified businesses get new ones from another program supplier.
Additionally, if anyone is still having issues after the “G1” root certificates were removed, they should try manually downloading the “G2” root certificate.