Whoever solves this Microsoft certificate puzzle, please come forward !!!


suatcini54

suatcini54

Well-known member
Power User
VIP
Local time
8:36 PM
Posts
660
OS
Windows 11 Pro build 26200.8524
This is my computer with Microsoft CA 2023 certificates.

SB-1.webp

I created a bootable USB flash drive using Microsoft's MCT (media creation tool).

I opted for the default setting "Use recommended options for this computer"

MCT.webp

When USB flash drive was ready, I tried to boot off of it. Mind you, bootable USB flash drive was prepared for this computer..

boot-1.webp

Was my computer able to boot to the bootable USB flash drive created out of MCT ? The answer is a big NO. Was I surprised ? NO.

boot-2.webp

When I checked the certificate of bootx64.efi file, I saw that certificate of this file was Microsoft Windows Production PCA 2011.

bootx64-1.webp

USB flash drive was formatted in FAT32. MCT downloaded Windows 11 25H2 Build 26200.8653 and created the bootable USB flash drive.

If I will not be able to boot to a bootable USB flash drive created with MCT, what am I supposed to do when I need to boot to a USB flash drive ?

Fortunately, my Windows never bluescreens or gets corrupt because I am not a heavy computer user and I never abuse my Windows. I take great care of it.

Does anyone have an idea of what I should have done instead of the above ?

Next time I will try a bootable USB flash drive using famous uupdump.net with updatedbootfiles=1
 

My Computers My Computers

System One System Two

  • At a glance

    Windows 11 Pro build 26200.8524Intel i7-4790Teams DDR3-1600 4x4 GBMSI Nvidia GeForce GTX 1050Ti
    OS
    Windows 11 Pro build 26200.8524
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Built
    CPU
    Intel i7-4790
    Motherboard
    Asus H97 Pro Gamer with add-on TPM1.2 module
    Memory
    Teams DDR3-1600 4x4 GB
    Graphics Card(s)
    MSI Nvidia GeForce GTX 1050Ti
    Sound Card
    Realtek ALC1150
    Monitor(s) Displays
    Dell P2425D
    Screen Resolution
    2560 by 1440 pixels
    Hard Drives
    Corsair NVMe M.2 Core XT 1000 GB (Windows 11 v.25H2); Samsung SATA Evo 870 500 GB (Windows 11 v.25H2);
    PSU
    Corsair HX850
    Case
    Gigabyte Solo 210
    Cooling
    Zalman CNPS7X Tower
    Keyboard
    Microsoft AIO Wireless (includes touchpad)
    Mouse
    HP S1000 Plus Wireless
    Internet Speed
    500 Mb fiber optic
    Browser
    Chrome; MS Edge
    Antivirus
    Windows Defender

  • At a glance

    MacOS 12 MontereyIntel Core i58 GBIntel integrated
    Operating System
    MacOS 12 Monterey
    Computer type
    Laptop
    Manufacturer/Model
    Apple Macbook Air
    CPU
    Intel Core i5
    Memory
    8 GB
    Graphics card(s)
    Intel integrated
    Screen Resolution
    1440 by 900 pixels
    Hard Drives
    128 GB
    Keyboard
    Built-in
    Mouse
    Microsoft Wireless
    Internet Speed
    802.11 ac
    Browser
    Chrome; Safari
    Antivirus
    N/A
Update the USB drive using this command.
In this example F: is the drive letter of the USB drive so if needed adjust to whatever the drive letter is of your USB drive.

Code: 
copy C:\Windows\Boot\EFI_EX\bootmgfw_EX.efi F:\EFI\boot\bootx64.efi
 

My Computer My Computer

At a glance

Windows 11 Pro
OS
Windows 11 Pro
You can run the check script with the -BootMedia option to check what's on the USB drive.
Or use the update script with -BootMedia.
 

My Computer My Computer

At a glance

Windows 7
OS
Windows 7
@KevTech and @garlin Thanks for your prompt responses.

Here are the results:

First check script with bootmedia argument

bootmedia.webp

Now bootx64.efi file replacement:

bootx64.webp

Now I will try to reboot to USB flash drive and advise the results.
 

My Computers My Computers

System One System Two

  • At a glance

    Windows 11 Pro build 26200.8524Intel i7-4790Teams DDR3-1600 4x4 GBMSI Nvidia GeForce GTX 1050Ti
    OS
    Windows 11 Pro build 26200.8524
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Built
    CPU
    Intel i7-4790
    Motherboard
    Asus H97 Pro Gamer with add-on TPM1.2 module
    Memory
    Teams DDR3-1600 4x4 GB
    Graphics Card(s)
    MSI Nvidia GeForce GTX 1050Ti
    Sound Card
    Realtek ALC1150
    Monitor(s) Displays
    Dell P2425D
    Screen Resolution
    2560 by 1440 pixels
    Hard Drives
    Corsair NVMe M.2 Core XT 1000 GB (Windows 11 v.25H2); Samsung SATA Evo 870 500 GB (Windows 11 v.25H2);
    PSU
    Corsair HX850
    Case
    Gigabyte Solo 210
    Cooling
    Zalman CNPS7X Tower
    Keyboard
    Microsoft AIO Wireless (includes touchpad)
    Mouse
    HP S1000 Plus Wireless
    Internet Speed
    500 Mb fiber optic
    Browser
    Chrome; MS Edge
    Antivirus
    Windows Defender

  • At a glance

    MacOS 12 MontereyIntel Core i58 GBIntel integrated
    Operating System
    MacOS 12 Monterey
    Computer type
    Laptop
    Manufacturer/Model
    Apple Macbook Air
    CPU
    Intel Core i5
    Memory
    8 GB
    Graphics card(s)
    Intel integrated
    Screen Resolution
    1440 by 900 pixels
    Hard Drives
    128 GB
    Keyboard
    Built-in
    Mouse
    Microsoft Wireless
    Internet Speed
    802.11 ac
    Browser
    Chrome; Safari
    Antivirus
    N/A
And you cam always turn off secure boot when you need to use a bootable USB that you own.
 

My Computers My Computers

System One System Two

  • At a glance

    Windows 11 Pro 25H2 26200.8737AMD Ryzen 7 5825U with Radeon Graphics16GB
    OS
    Windows 11 Pro 25H2 26200.8737
    Computer type
    Laptop
    Manufacturer/Model
    Acemagic LX15PRO
    CPU
    AMD Ryzen 7 5825U with Radeon Graphics
    Motherboard
    BIOS CT_BI_AMI_LX15PRO_AB8139_A-004
    Memory
    16GB
    Screen Resolution
    1920 x 1080
    Hard Drives
    SSD 2TB
    Internet Speed
    30 Mbps
    Browser
    Brave
    Antivirus
    Defender/Windows Security
    Other Info
    System 3

    Acer Swift SF114-34 laptop
    OS Windows 11 Pro 26200.8737
    CPU Pentium Silver N6000
    RAM 4GB
    BIOS v1.17
    SSD Samsung 970 EVO Plus SSD 2TB (an upgrade)

  • At a glance

    Windows 11 Pro 23H2 22631.2506Atom N450 1.66GHz2GB
    Operating System
    Windows 11 Pro 23H2 22631.2506
    Computer type
    Laptop
    Manufacturer/Model
    HP Mini 210-1090NR PC (bought in late 2009!)
    CPU
    Atom N450 1.66GHz
    Memory
    2GB
    Browser
    Brave
    Antivirus
    Webroot
kelper said:
And you cam always turn off secure boot when you need to use a bootable USB that you own.
Click to expand...
Yes, thanks for the idea. It is always an option at hand. But Microsoft must find ways for us to not go to such extreme measures as disabling Secure Boot.
 

My Computers My Computers

System One System Two

  • At a glance

    Windows 11 Pro build 26200.8524Intel i7-4790Teams DDR3-1600 4x4 GBMSI Nvidia GeForce GTX 1050Ti
    OS
    Windows 11 Pro build 26200.8524
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Built
    CPU
    Intel i7-4790
    Motherboard
    Asus H97 Pro Gamer with add-on TPM1.2 module
    Memory
    Teams DDR3-1600 4x4 GB
    Graphics Card(s)
    MSI Nvidia GeForce GTX 1050Ti
    Sound Card
    Realtek ALC1150
    Monitor(s) Displays
    Dell P2425D
    Screen Resolution
    2560 by 1440 pixels
    Hard Drives
    Corsair NVMe M.2 Core XT 1000 GB (Windows 11 v.25H2); Samsung SATA Evo 870 500 GB (Windows 11 v.25H2);
    PSU
    Corsair HX850
    Case
    Gigabyte Solo 210
    Cooling
    Zalman CNPS7X Tower
    Keyboard
    Microsoft AIO Wireless (includes touchpad)
    Mouse
    HP S1000 Plus Wireless
    Internet Speed
    500 Mb fiber optic
    Browser
    Chrome; MS Edge
    Antivirus
    Windows Defender

  • At a glance

    MacOS 12 MontereyIntel Core i58 GBIntel integrated
    Operating System
    MacOS 12 Monterey
    Computer type
    Laptop
    Manufacturer/Model
    Apple Macbook Air
    CPU
    Intel Core i5
    Memory
    8 GB
    Graphics card(s)
    Intel integrated
    Screen Resolution
    1440 by 900 pixels
    Hard Drives
    128 GB
    Keyboard
    Built-in
    Mouse
    Microsoft Wireless
    Internet Speed
    802.11 ac
    Browser
    Chrome; Safari
    Antivirus
    N/A
After replacing the bootx64.efi file with the one in \Windows\boot\EFI_EX\bootmgfw_EX.efi file (renamed to bootx64.efi), my computer was able to boot to the bootable USB flash drive.

boot-1.webp

boot-2.webp

boot-3.webp

So this file copying and renaming must be incorporated into the Media Creation Tool by Microsoft. Maybe Microsoft is waiting for the time to come when Windows Production PCA 2011 will be revoked and eliminated for once and for all.

Happy computing.
 

My Computers My Computers

System One System Two

  • At a glance

    Windows 11 Pro build 26200.8524Intel i7-4790Teams DDR3-1600 4x4 GBMSI Nvidia GeForce GTX 1050Ti
    OS
    Windows 11 Pro build 26200.8524
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Built
    CPU
    Intel i7-4790
    Motherboard
    Asus H97 Pro Gamer with add-on TPM1.2 module
    Memory
    Teams DDR3-1600 4x4 GB
    Graphics Card(s)
    MSI Nvidia GeForce GTX 1050Ti
    Sound Card
    Realtek ALC1150
    Monitor(s) Displays
    Dell P2425D
    Screen Resolution
    2560 by 1440 pixels
    Hard Drives
    Corsair NVMe M.2 Core XT 1000 GB (Windows 11 v.25H2); Samsung SATA Evo 870 500 GB (Windows 11 v.25H2);
    PSU
    Corsair HX850
    Case
    Gigabyte Solo 210
    Cooling
    Zalman CNPS7X Tower
    Keyboard
    Microsoft AIO Wireless (includes touchpad)
    Mouse
    HP S1000 Plus Wireless
    Internet Speed
    500 Mb fiber optic
    Browser
    Chrome; MS Edge
    Antivirus
    Windows Defender

  • At a glance

    MacOS 12 MontereyIntel Core i58 GBIntel integrated
    Operating System
    MacOS 12 Monterey
    Computer type
    Laptop
    Manufacturer/Model
    Apple Macbook Air
    CPU
    Intel Core i5
    Memory
    8 GB
    Graphics card(s)
    Intel integrated
    Screen Resolution
    1440 by 900 pixels
    Hard Drives
    128 GB
    Keyboard
    Built-in
    Mouse
    Microsoft Wireless
    Internet Speed
    802.11 ac
    Browser
    Chrome; Safari
    Antivirus
    N/A
I have no idea how Media Creation Tool determines which of the two boot files (CA 2011 or CA 2023) to pick. You would think it checked the host Windows, and copied CA 2023, since you already have the UEFI CA 2023 installed. 🤷‍♂️

Unlike Rufus which provides an explicit option to use CA 2023 boot files, it's not clear if MCT will catch up and explain which boot file it will be using.

While the products.cab changes every month, we're still using the same MCT tool from October 2025.
 

My Computer My Computer

At a glance

Windows 7
OS
Windows 7
You must log in or register to reply here.

Latest Support Threads

Latest Tutorials

Back
Top Bottom