You may encounter issues on Windows Server when surfing the web, SSL certificates appear to be invalid, even though your locale/region settings and date/time are correct.
In this scenario;
Generate a root certificate SST file (from a working computer **IMPORTANT**) using the following command
certutil.exe -generateSSTFromWU roots.sst
Transfer newly generated roots.sst file to affected computer/server and execute the following command
certutil -addstore -f root roots.sst
If the above command does not work, you can manually import the SST file using MMC, add Certificates (Computer Account) snap-in, navigate to Trusted Root Certification Authorities store and import the above SST file.