Windows 7 Chrome - NET::ERR_CERT_DATE_INVALID

Help
14

Time for some SCIENCE! (By which I mean, of course, that I tried writing down what I did, since that's the key difference between "science" and "just messing around with stuff".)

  1. I went to Virtual Machines - Microsoft Edge Developer and downloaded the VM for "IE11 on Win7 (x86)" for "HyperV (Windows)" and imported it into Hyper-V
  2. In the VM, opened up Internet Explorer [in its about dialog, it says Version: 11.0.9600.18860; Update Versions: 11.0.49 (KB4052978)]
  3. I confirmed the date and time in the VM was correct.
  4. In IE, visited https://helloworld.letsencrypt.org (which uses the "default" DST Root CA X3 rooted chain), and it opened fine.
  5. In IE, visited https://valid-isrgrootx1.letsencrypt.org (which uses the "alternate" chain rooted in ISRG Root X1, and it opened fine.
  6. In IE, visited https://www.google.com/chrome, unchecked the two boxes, and downloaded Chrome for Windows 10/8.1/7 32-bit
  7. In Chrome, went to Menu / Help / About and got version number: Version 94.0.4606.71 (Official Build) (32-bit)
  8. In Chrome, visited https://helloworld.letsencrypt.org and it worked fine.
  9. In Chrome, visited https://valid-isrgrootx1.letsencrypt.org and it also worked fine.

Now, I don't know how similar that VM image (which lists a "created date" of 1/9/2018 in Hyper-V) is to a "real-world" Windows 7 instance which has who-knows-what installed and has been who-knows-where on the Internet to populate caches and whatnot, but it's at least some evidence that it's possible to have a Windows 7 computer that works for going to sites using Let's Encrypt's certificates. It makes me think that those computers that it's not working on must have had automatic updates turned off many years ago in order to not get the ISRG Root X1 certificate in its trust store, but maybe there's something else going on if people are seeing a high level of Windows 7 issues.

I don't know if this post is actually helpful information, but maybe other people can do their own controlled experiments to figure out what the difference is between Windows 7 systems that work and those that don't.