FixMySignature — digital signature certificate consulting logoFixMySignature
Windows Diagnostics Hub

Windows Digital Signature & Certificate Diagnostics

Windows signing regressions cluster around cumulative updates, third-party trust providers, and CNG provider conflicts. We benchmark the machine against a known-good baseline and produce a remediation list ranked by impact.

Brief a consultantZoom Book Zoom diagnostic

Symptoms we triage

  • Digital signature not working after Windows 11 update
  • Certificate visible in MMC but not in signing app
  • Edge / Chrome stops offering client certificate
  • Schannel TLS handshake failures with client certs
  • CAPI2 log full of chain-building errors

Diagnostic flow

  1. 1. Capture CAPI2 operational log

    Expected: Chain build errors with leaf + intermediate IDs

  2. 2. Validate certificate

    certutil -verify -urlfetch user.cer

    Expected: All chain elements resolve

  3. 3. Confirm CNG providers

    certutil -csplist

    Expected: Expected KSP / CSP for the token present

OS coverage

Windows 10 / 11

  • Windows 11 23H2 / 24H2 CAPI behaviour
  • Windows 10 22H2 trust store comparisons
  • WSUS / Intune deployed trusted roots

Windows troubleshooting library

In-depth diagnostic write-ups for each common Windows failure mode.

Windows

Windows 11 Signature Not Working

Post-update PKI regression triage.

Read diagnostic
Back to all consulting services →

Frequently asked

Can you fix this without admin rights?

Most trust-store and middleware fixes require local admin. We document what to request from IT if you do not.

More questions

Browse the full FAQ →

Ready to book

Submit a diagnostic intake →

Ready for a structured Windows diagnostic?

Independent consulting, screen-shared Zoom session, written remediation summary.

Zoom Book Zoom diagnostic Send intake