Troubleshooting for certificate validation failure

How to check for respective certificates in the window's store?

Certificate validation is a process that ensures the server's authenticity.
Please check to see if your remote customer's PC has updated certificates in the Windows Store.
  1. Check the registry policy settings "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\AuthRoot\DisableRootAutoUpdate"
  2. If the value is set to "0," the remote device's automatic root certificate update is disabled.
  3. If the customer has the requisite permissions, he or she can manually install the needed certificate by downloading it from a web browser.
To download a certificate via a browser, follow these steps:
Open a browser and try assist.zoho.com (Varies based on your domain) and us4-dms.zoho.com or try the inaccessible gateway(Find from inspect mentioned in above step) to check the certificate.

  1. To view the Certificate, click on the lock button to the left of the link.

  2. Click on "Connection is secure" and then click "Certificate is Valid".

  3. Then click the Certification Path tab,  you can view the certificate chain.

  4. Double click on the parent certificate(first one).

  5. Go to Details tab and click on Copy to File…, this will open up the Certificate Export Wizard.

  6. Click Next, and then select the format "DER encoded binary X.509 (.CER)", then click Next.

  7. Choose the directory where the certificate needs to be saved. Give the certificate a name and save it.

  8. Click Finish and you will notice "The Export was successful", Click OK.

Steps to install the downloaded certificate:

  1. Open command prompt in Administrator mode.

  2. Copy the file path of the downloaded certificate and paste at the end of the below command.

certutil -addstore "Root" ____

            Example : certutil -addstore "Root" "C:\Users\Administrator\Desktop\cert\CertificateDownloaded"