Kepware The Installer Was Unable To Find Required Root Certificates Exclusive ❲95% Trusted❳

Navigate to: Computer Configuration > Policies > Windows Settings > Security Settings > Public Key Policies .

By following this comprehensive guide, you should be well-equipped to diagnose and resolve the "unable to find required root certificates" error, ensuring a smooth and secure KEPServerEX installation process.

Fixing the Kepware Error: "The Installer Was Unable to Find Required Root Certificates"

Open mmc.exe on the offline machine following the exact path outlined above ( Computer account > Local computer ). Navigate to: Computer Configuration > Policies > Windows

John scratched his head, wondering what could be causing this issue. He checked the internet for solutions, but none of the forums or support pages seemed to have an answer. He even tried contacting Kepware's support team, but they were slow to respond.

If an internet path is open but the feature is blocked by policy, verify that the policy is set to Disabled or Not Configured under: Local Computer Policy > Computer Configuration > Administrative Templates > System > Internet Communication Management > Internet Communication Settings .

Resolving the Kepware Error: "The Installer Was Unable to Find Required Root Certificates" John scratched his head, wondering what could be

Right-click the downloaded .crt file and select . Choose Local Machine and click Next. Select Place all certificates in the following store .

A. Restore/update Windows Trusted Root Certificate store

The simplest and most direct solution recommended by PTC is to ensure your Windows system is fully updated. If an internet path is open but the

At its core, a root certificate is the ultimate anchor of trust in the public key infrastructure (PKI). Issued by a trusted Certificate Authority (CA) such as DigiCert, GlobalSign, or Let’s Encrypt, the root certificate is self-signed and stored in a protected “Trusted Root Certification Authorities” store within the operating system. When Kepware—or any modern application—attempts to establish a secure HTTPS connection for licensing, updates, or IoT Gateway communication, it checks the server’s certificate against this local root store. If the chain of trust leads back to a missing or untrusted root, the connection fails. The word “exclusive” in the error message is particularly telling: it implies that the installer is looking for a specific , non-generic root certificate, likely tied to Kepware’s code-signing or a proprietary communication component (such as the ThingWorx or IoT Gateway add-on). Without that precise root, the installer refuses to proceed, prioritizing security over functionality.

Before tearing your hair out, it's worth mentioning a related issue that can mirror the symptoms of a certificate error. The installer's ability to check for Windows Updates (for solution #1) or to validate online Certificate Revocation Lists (CRLs) can be blocked by an overzealous firewall. While the primary error message points to root certificates, ensure your network and local firewall rules allow standard HTTPS traffic (port 443), which is required for these verification processes.

Modern installers utilize cryptographically signed execution files to ensure that the code has not been modified or corrupted by malicious actors. During setup, the Windows operating system cross-references the digital signature embedded in the Kepware installation package against a local database called the store.

Choose and click Browse . Select Trusted Root Certification Authorities and click OK . Click Next , then click Finish to complete the import.

Look for entries like these: