If your machine has temporary internet access, this is the simplest fix.
Manual Root Certificate Update (For Windows 7/8/Server 2008):
Retry Kepware Installation. The error should now be resolved.
Introduction: The Certificate Conundrum
Kepware is the gold standard for industrial connectivity, acting as the bridge between diverse automation devices and IT/OT systems (OPC, MQTT, REST, etc.). However, even the most robust software can be stopped in its tracks by a seemingly obscure operating system error.
One of the most frustrating errors encountered during the installation or upgrade of Kepware products (including KEPServerEX, ThingWorx Kepware Edition, or LinkMaster) is:
"The installer was unable to find required root certificates." If your machine has temporary internet access, this
This error halts the installation process immediately, leaving engineers and IT professionals confused. This article provides an exhaustive deep dive into why this error occurs and, more importantly, the exact step-by-step solutions to resolve it.
C:\Users\%USERNAME%\AppData\Local\Temp\Kepware_Install.log
Look for lines containing CERTIFICATE, ROOT CA, or TRUST.
Run this from an elevated command prompt before launching the installer: Retry Kepware Installation
certutil -verify -urlfetch C:\path\to\some\kepware\signed\file.dll
Or enable CAPI2 logging:
Myth 1: "I can just reinstall Windows to fix this." Reality: A fresh, offline Windows install has no root certificates except a minimal set. A clean install will actually make the error more likely unless you immediately apply root updates.
Myth 2: "My antivirus is deleting the certificates." Reality: AV rarely deletes root certs. However, aggressive "HTTPS scanning" or "SSL inspection" features can intercept certificate validation. Try temporarily disabling AV during installation. Look for lines containing CERTIFICATE
Myth 3: "Kepware is broken; I need an older version." Reality: Older versions (pre-6.0) used SHA-1 certificates, which are now deprecated. Modern Windows rejects them. Downgrading is a security risk and often fails worse.