Windows 7: Windows Update fails w/ 0x80072F8F, IE cannot access HTTPS

Discussion in 'Windows Update' started by Kevin, Jun 18, 2011.

  1. Kevin

    Kevin Guest

    I worked for several years in the IT industry fixing a variety of
    other people's systems that were broken in creative ways (in the
    heyday of WinXP spyware). I know my way around most Windows
    troubleshooting techniques and tools and this one has me really
    stumped (and it's on MY computer!).

    Symptoms:
    Windows Update Fails: Code 80072F8F
    IE8 and IE9, any https/ssl page: Cannot Display Page
    Picasa login to Gmail (to send photos) fails: HttpSendRequestEx failed
    (-2146893051) - https://www.google.com/accounts/ClientAuth [12]

    Event Viewer shows clean application and system logs
    Norton Anti-Virus (seems to be related for many people) has never been
    on this system
    Firefox and Google Chrome work perfectly fine, as well as most other
    programs that don't seem to embed Internet Explorer (and thus probably
    leverage more Windows infrastructure)

    Tools run/steps taken that DID NOT SOLVE THE PROBLEM
    Verify (also changed and set back) System Clock in Windows and BIOS
    Windows Update Troubleshooter
    IE "Diagnose Connections"
    Run Windows Update as Administrator
    Clean Boot w/ non-MS services, startups disabled
    Update to win7 sp1
    Update to IE 9
    sfc /scannow
    Disable UAC
    Disable Windows Firewall
    Update to latest AVG Free
    AVG Free Rootkit Scan
    Uninstalled AVG Free
    ComboFix
    MalwareBytes
    Kaspersky tdsskiller
    MS System Update Readyness Tool
    Clear root certificates from registry (can't remember MS KB#)
    MS Root Certificates Update
    MS Automated Troublehsooting Tool
    MS Fix It 50191
    MS Fix It 50202
    MS Fix It 50528
    MS Fix It 50531
    Reset IE Settings
    Disable certificate revocation checking
    Ensure nothing in IE blocked zone
    Ensure Windows Update in IE trusted zone
    ....probably forgetting some others, please suggest things to try!

    I'd really love some advice as I haven't been involved in fixing
    issues like this in a long time. I love the Fix It's (soo much easier
    than doing it all by hand); I just wish they actually fixed my issue!

    Thanks!
    -Kevin
     
    Kevin, Jun 18, 2011
    #1
    1. Advertisements

  2. Kevin

    Peter Foldes Guest

    .. 0x80072F8F -2147012721
    ERROR_INTERNET_SECURE_FAILURE ErrorClockWrong
    One or more errors were found in the Secure Sockets Layer (SSL) certificate
    sent by the server.

    http://www.updatexp.com/0x80072f8f.html

    Make sure that the time and date including Internet Zone are correct on your
    computer.
    You may have to reboot after synchronizing your computer's time etc.

    Check the date on your computer.

    Start button || Control Panel || Clock || Language || Region

    Then click Date and Time - make sure that the date and time are correct.

    (Provide the Administrator password or confirmation if prompted to do so.)

    Windows Update error 80072f8f
    http://windowshelp.microsoft.com/Windows/en-US/Help/bc1393cf-9f9c-79c7-0f91-9337c2c412341033.mspx

    Error message when you search for updates in Windows Vista: "Windows could
    not search for new updates (Code 80072F8F)"
    http://support.microsoft.com/kb/929458


    --
    Peter
    Please Reply to Newsgroup for the benefit of others
    Requests for assistance by email can not and will not be acknowledged.
    This posting is provided "AS IS" with no warranties, and confers no rights.
    http://www.microsoft.com/protect


     
    Peter Foldes, Jun 18, 2011
    #2
    1. Advertisements

  3. Kevin

    Kevin Guest

    As mentioned, I have already verified the system clock settings and
    that did not resolve it. This was the very first thing I attempted.
    Please read the list of items I have tried before responding
    suggesting the same things. I am coming to this list for help because
    two days' of searching the internet and trying every seemingly
    relevant solution has not yet yielded results.
    -Kevin
     
    Kevin, Jun 18, 2011
    #3
  4. Kevin

    MowGreen Guest


    Is FIPS Enabled ?

    # Administrative Tools, Local Security Policy.
    # In Local Security Settings, expand Local Policies, and then click
    Security Options.
    # Under Policy in the right pane, double-click System cryptography: Use
    FIPS compliant algorithms for encryption, hashing, and signing, and then
    click Disabled.

    If no joy, have you tried renaming the *Catroot2* (NOT Catroot)
    subfolder after stopping the Cryptographic Service and then restarted
    the system ?

    If the system still fails to connect to the update servers after doing
    the above try rebuilding the winsock stack from an Elevated Command
    Prompt and then reboot - netsh reset winsock

    Also, check the LAN settings in Internet Options > Connections > LAN
    settings > If 'Automatically detect settings' is checked, uncheck it.
    If it's unchecked, check it.

    Microsoft continually mentions a proxy server can be the cause of the
    0x80072F8 return code. Does netsh winhttp showproxy show any such
    proxy ?

    And, finally, what happens when you try to manually update from the MS
    Download Center ?

    Since the other browsers function properly then it's safe to assume that
    this an OS issue. Has the issue always been present or did it start to
    occur after installing software/hardware ?


    MowGreen
    ================
    *-343-* FDNY
    Never Forgotten
    ================

    "Security updates should *never* have *non-security content* prechecked
     
    MowGreen, Jun 20, 2011
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.