We are receiving reports of app users encountering “Service Not Started” errors when opening the UI, even though the Certify service is still running. [This issue also affected thousands of other applications worldwide and a resolution has now been found],

This issue is caused by a recent Windows security update (we can reproduce it using KB5066131 but it may be present in other updates as well, e.g. KB5066835).

• This issue affects the underlying http.sys service or interactions with it and will affect many other types of application.
• Some users have reported issues serving from IIS.
• The issue will only appear after restarting (likely because http.sys has to restart). We have found it can take up to 2 restarts for the issue to start appearing.

Our app registers a .net based httplistener for it’s API, which the UI talks to. We can tell that the service is still running and renewing certificates, so the issue primarily affects UI communication with the service.

Server Fault discussion:

Microsoft community discussion (hundreds of comments):

Resolution Options

Updating the Microsoft Defender definitions to Version 1.439.216.0 or higher resolves the issue.

To force an update:

From an Administrator CMD prompt:

cd %ProgramFiles%\Windows Defender
MpCmdRun.exe -removedefinitions -dynamicsignatures
MpCmdRun.exe -SignatureUpdate

Then reboot.

Note: In some existing cases, especially after updating the app the issue can be a mismatch between the UI config and the service config, in which case deleting servers.json and serviceconfig.json from C:\ProgramData\certify then restarting the Certify background service and re–opening the app can help.