Does anyone else experience this? I recently did fresh installs of Win 10 on my laptops and in certain cases I am getting certificate errors when browsing the web. It happens when I change timezones, but I'm changing the timezone to where I actually am. Here's a basic outline of what I did (installing Windows 10 1909 - from uupdump): I always start fresh, so I delete all partitions on the drive I intend to boot from I let windows automatically create the partitions it wants to use leaving the Region as defaulted to US finish Windows install connect to the internet allow Windows Update to do it's thing in the background proceed with customizations and software installs Most of my software has been installed to an external drive and requires minimal setup to reinstate normal functionality. Mostly just file association stuff in the registry. I make sure to employ SetUserFTA (command-line utility) in my scripts so that I can still go fast and not mess up the registry. It seems that once Windows Update has done something, then the computer is "locked in" to the region it is set to. So, I'm living outside the US, with the time zone set to GMT-8 at install, and I let Windows Update do it's first round of updates. At this point it seems if I change the time zone to where I ACTUALLY am, then web servers that have a particular security protocol set (that makes sure your clock is set "correctly") tell me my time is not set correctly, even though it is. Just wondering if anyone else has experienced this, and if there is a known fix? The only thing that has worked for me so far is to change the timezone and synchronize the time as soon as I connect to the internet BEFORE letting Windows Update do its thing. The only other thing I can think of is to select my actual region during setup I guess. I haven't traveled yet to test out if this will still happen when I cross a timezone and change it manually. I just find it odd to be getting these errors when setting the timezone to my actual location, connecting to servers in my actual location, NOT using a VPN.
Agree that default sync server (time.windows.com) was unreliable in the past. But you can change it quite easily with another one, no need for any external software. timedate.cpl -> Internet Time -> Change settings: time.google.com
Or check if your router provides an own timeserver for your local network and use that. (Mine does). It has the advantage any clients can use it and times of all your clients are in sync to it. Edit: Changing time zones actually does / should not change UTC. It only uses another offset to it. Certificates should consider that.
It is not just about the time, the task and the service can be used by malware to auto-elevate and so on. I disable Task Scheduler service, when I can.