Check to ensure that the time/date and time zone on Windows is correct.

It seems that these errors only applied to loading the store functionality in Steam; I am able to download and play games. Not a big deal then. I prefer to use a browser to buy games anyway.

Yes, time / date is correct. Thanks anyway

Can try deleting cache, and cookies then restart client, and see if that resolve your issue.

Steam settings > Web broswer > click two buttons delete cache, and cookies, then restart the client.

If using a VPN / proxy, this may also cause this issue.

Deleted cache and cookies; same issue. (Restarted steam after).

The friends network is unreachable; I think this means I won't be able to play games through Steam online multiplayer, which is a big deal.

Try running in Windows safe mode with network enable, and if things are working correctly, then this suggest that something running in the background, or on start up on Windows normal boot, is causing issue.

Or could mean that your firewall / modem /router is blocking things, or your ISP doing something that they shouldn't be doing that causing this problem which is rare case.

Also want to put out this as well.


Can try flushing your network, open command promt as admin, and give this a try.

netsh winsock reset
netsh int ip reset
https://m.youtube.com/watch?v=O4qOzFngjys

If not working still try these in order, then restart, and test.

ipconfig /release
ipconfig /flushdns
ipconfig /renew

- If using DNS, use another service like cloud flare, 1.1.1.1, google, or other DNS service as for whatever odd reason depending where you're from, could be blocking things as well, or just use default settings in OS.

Just tried to launch Halo; failed to start because:

__

Error validating EasyAntiCheat code signing certificate.

__

So this certificate issue seems to be a global problem in my instance of the steam app.

Does anybody know which Windows APIs are used by the steam app for SSL certificates? That could help me track down what needs to be re-enabled.

Originally posted by Dr.Shadowds 🐉:

Try running in Windows safe mode with network enable, and if things are working correctly, then this suggest that something running in the background, or on start up on Windows normal boot, is causing issue.

...

Thanks, I used NTLite to build a custom Windows 10 image for this machine, which has a lot of functionality disabled. There is nothing wrong with basic networking; the machine has an IP and Internet access.

Additionally, Firefox browser is able to connect to SSL sites just fine. Of course, that might be because it isn't relying on the Windows OS to manage certificates for that encryption.

Firefox has it's own certificate store (by default) and doesn't use the Windows one.

Originally posted by Darren:

Firefox has it's own certificate store (by default) and doesn't use the Windows one.

Yup, you're right. After digging a bit, it is clear that Window's built in SSL functionality is broken (because some part of it was ripped out during the NTLite process).

I'm probably going to have to reinstall the OS. It would be nice if there were a way to configure the OS to simply forgo SSL checks, as that would solve this issue, but I suspect that the only folks that could help me with that would be malware developers.

I doubt even they can in order to disable SSL checks you would have to intercept the calls to check SSL and return a response indicating everything is fine.

A DLL replacement would do this for some apps but others would statically link or have their own local copy of the DLL to avoid DLL injection attacks.

At which point only a certificate store that was working would help.

Thanks Darren. Yes, I realized eventually that local packages (.net, for example) might have their own SSL libraries, each of which would have to be 'hooked' to accomplish this.

I'm just going to dedicate this machine to gaming only, and reinstall factory Windows 10. Hate to do it, because I was running a vm on the machine too. Beefy gaming components make for a good workhorse type machine.

Originally posted by Dr.Shadowds 🐉:

...
ipconfig /release
ipconfig /flushdns
ipconfig /renew
...

I had an issue with SSL reporting BAD_CERT_DOMAIN and it persisted with store.steampowered.com even after clearing the browser cache. I diagnosed the problem being a DNS issue since with VPN the problem didn't exist so I tried

ipconfig /flushdns

and that did the trick so thank you for the tip.

if there are more with problems related to that, ensure u have enabled the windows service for getting certificates. it can be disabled through programs like xpantispy for example! if not search through the services either through taskmanager, administrative->services or search for the service through google how to activate it. at least that was my problem. (some uses antispy for a good reason :) )