New
#1
Issue with SSL certs on one profile only
As I'm have two individual questions, I wanted to go ahead and post a thread for this question as well.
My mother's laptop is an HP Pavillion dm4 Notebook PC running Windows 7 Home Premium. She bought the computer used. The previous owner had the computer set up, so that you could only log in with a fingerprint. As she can't supply a fingerprint, she can only log in to a temporary profile when she wants to use the computer. I've been trying to fix this problem, but have run in to an error.
From within the temporary profile (Which appears to have admin rights), I created a new user, and gave it admin privileges. She can log in to that profile just fine. However, she can't seem to use the internet from that profile; every HTTPS site gives a privacy/certificate error. For example, in Chrome, it's "Your connection is not private" (NET::ERR_CERT_AUTHORITY_INVALID). Edge and Firefox give similar errors. There is no option to proceed in the browser and she is fully blocked from visiting the sites. HTTP is NOT an issue, and she can visit HTTP sites. This error does NOT occur within the temporary profile.
My assumption is that the profile does not have the SSL certs available to it, or does have them, but doesn't have the permissions to access them. However, I'm confused how to investigate this, and what to do to resolve it. I've read about certmgr.msc which can be run from powershell, but let's suppose I discover there's no certs on that profile - where do I get them from, how do I know what to get? Is there a reason they aren't downloading automatically (like they do in the temp profile?) How can I fix things so that the profile starts getting certs on its own like normal?
Finally I'd wonder - are you even allowed to create a full admin profile, from within a temp profile? Or will the profile always end up corrupted somehow? Maybe what I'm doing is simply a lot cause?
Any advice here is appreciated.
P.S. Here's troubleshooting I've done so far: (1) resynched clock with internet time server (2) disable anti-virus and firewall to make sure it's not blocking certs (3) cleared any browsing history and cache (4) checked for any recently installed programs that could be interferring (4) ran 'sfc /scannow' (5) Installed all pending Windows updates (6) double checked her internet connection is active. No results from any of these things.