How to fix “SSL certificate was revoked. [ERROR_INTERNET_SEC_CERT_REVOKED (0x2F8A)]” – Error Code 12170


Error Code 12170

Error code Error Code 12170 is a common Windows issue that typically arises from “SSL certificate was revoked. [ERROR_INTERNET_SEC_CERT_REVOKED (0x2F8A)]”.


In this article, we’ll focus on resolving the issue described as: “SSL certificate was revoked. [ERROR_INTERNET_SEC_CERT_REVOKED (0x2F8A)]”. This error, identified by the error code Error Code 12170, can impede your system’s performance, and here’s how you can fix it.

Identifying the Problem

Error Code 12170 occurs when an SSL certificate that is used to establish a secure connection between a client and a server is revoked. This can happen due to security concerns, such as a compromised private key or a change in the certificate authority (CA) that issued the certificate.

Common Fixes

1. Check the System Time and Date:
* Ensure that the system time and date are accurate. A mismatch between the client and server time can cause SSL certificate errors.

2. Clear the SSL State of the Internet Browsers:
* In Chrome: Go to Settings > Privacy and Security > Clear Browsing Data > Select “Cookies and other site data” and “Cached images and files” > Clear Data.
* In Firefox: Go to Options > Privacy & Security > Cookies and Site Data > Clear Data.

3. Reset the Winsock Catalog:
* Open the Command Prompt as administrator.
* Run the following command: netsh winsock reset
* Restart your computer.

Advanced Troubleshooting

1. Update the Root Certificates:
* Download the latest root certificate updates from Microsoft’s website.
* Install the updates following the instructions provided.

2. Import the Intermediate Certificate:
* If the website uses an intermediate certificate, download and install it in the Trusted Root Certification Authorities store.
* To do this, double-click the certificate file and click “Install Certificate” > “Trusted Root Certification Authorities” > “OK”.

3. Disable Certificate Revocation Checking:
* Warning: This fix may compromise your system’s security.
* Open the Registry Editor (regedit).
* Navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp.
* Create a new DWORD value named “DisableCertRevocationCheck” and set its value to 1.


By following these steps, you should be able to resolve Error Code 12170 and restore the proper functioning of your system. Remember to keep your operating system and browsers updated to minimize the risk of encountering this error in the future. If the problem persists, it is recommended to consult with a qualified technician.