0X80092022

Fix CRYPT_E_INVALID_IA5_STRING (0x80092022) in 3 Steps

Cybersecurity & Malware Intermediate 👁 0 views 📅 May 28, 2026

This error means a certificate or file path has non-ASCII characters. Try the quick date fix first, then check the cert, or reinstall the app.

What This Error Actually Means

Saw this error on a client's Windows Server 2022 last week. They were trying to install an update for a line-of-business app and got hit with CRYPT_E_INVALID_IA5_STRING (0x80092022). The message says the string contains a character not in the 7-bit ASCII character set. Sounds cryptic, right? In plain English: a digital certificate or file path has a character that shouldn't be there – like an accented letter, a Unicode character, or even a misplaced space. This usually shows up during certificate validation, Windows Update, or when an app tries to verify a signature.

Don't panic. Most of the time it's a quick fix. Let's walk through it step by step – you can stop as soon as it's fixed.

The 30-Second Fix: Check Your System Time

I can't tell you how many times I've seen this error because the system clock was off. Certificates have a validity period, and Windows checks the current time against that. If your computer's date is wrong – like set to 2025 when it's really 2024 – you'll get this error because the certificate's issuer name looks invalid due to a date-mismatched encoding issue.

  1. Right-click the clock in the bottom-right corner and select Adjust date/time.
  2. Toggle Set time automatically to On. If it's already on, turn it off, wait 10 seconds, then turn it back on.
  3. Make sure your time zone is correct. I've seen this happen after a Daylight Saving Time shift.
  4. Click Sync now under Synchronize your clock.

After that, try whatever you were doing again. If the error's gone, you're done. If not, move on.

The 5-Minute Fix: Check the Certificate Itself

If the time was fine, the problem is likely a certificate that was issued with illegal characters – like a colon or accent in the subject name. This happened to a customer using a self-signed certificate for their internal web app. The cert had a ñ in the company name, and Windows wouldn't touch it.

  1. Open the Microsoft Management Console: Press Win + R, type mmc, and press Enter.
  2. Go to File > Add/Remove Snap-in. Choose Certificates > Computer account > Local computer.
  3. Look under Personal > Certificates for any certificates with names that include special characters (like é, ü, ñ, or symbols).
  4. Right-click and select Open. Check the Subject and Issuer fields for any non-ASCII characters.
  5. If you find one, you need to reissue the certificate with only standard letters, numbers, and hyphens. Use a tool like certreq or your CA to generate a clean one.

To quickly list certificates with potential issues, run this in an elevated command prompt:

certutil -store My | findstr /i "0x80092022"

That'll show you which cert is triggering the error. If you see a specific serial number, you've found your culprit.

The 15+ Minute Fix: Deep Clean and Reinstall

If the first two steps didn't work, the issue is deeper – maybe a corrupted certificate store or a software bug. Here's the nuclear option, but it works.

Step 1: Rebuild the Certificate Store

Windows can re-download trusted root certs. Open an elevated command prompt and run:

certutil -generateSSTFromWU roots.sst
certutil -addstore Root roots.sst

This pulls the latest root certs from Windows Update and forces a refresh. I've fixed stubborn update failures with this.

Step 2: Reinstall the Problematic Software

If the error happens with a specific app (like an old accounting tool or a custom ERP), the app itself might have a bad certificate embedded. Uninstall the app completely, restart, then reinstall from a fresh download. Make sure the installer doesn't include any Unicode in its file path – rename the folder to just letters and numbers if needed. I saw a case where a client named their folder "Cópias de Segurança" and the installer choked on the accent.

Step 3: Check Event Logs for Clues

Open Event Viewer and look under Windows Logs > Application and System. Filter by Event ID 1001 or search for 0x80092022. Sometimes the log entry will tell you exactly which file or certificate triggered it. For example, I once traced it to a .cat file (catalog file) that had a corrupted signature.

Step 4: Last Resort – System File Checker

Corrupted system files can cause this too. Run:

sfc /scannow

If it finds errors, let it fix them, then restart. Follow up with DISM /Online /Cleanup-Image /RestoreHealth for good measure.

When to Give Up and Call Support

If you've gone through all this and the error still appears, you're dealing with a bug in the software itself. Microsoft has acknowledged this error in some older versions of Windows 10 and Server 2016 – a cumulative update might fix it. Check for Windows Updates, or contact the app vendor. But honestly, 9 out of 10 times it's either the clock or a bad certificate.

Was this solution helpful?

CRYPT_E_INVALID_IA5_STRING 0x80092022 crypt32.dll error certificate error non-ASCII Windows update certificate error SSL certificate issue 7-bit ASCII certificate system time fix certificate revocation check reissue certificate reinstall software certificate CRYPT_E_INVALID_IA5_STRING fix Windows 11 certificate error server 2022 certificate error