Where is certificate store
you can replace Windows 2012 with Microsoft Windows Server 2012 or Windows 8. See the following picture (IE -> Options -> Content -> Certificates -> Untrusted Publishers):
This BTW identical with
Previous Windows versions listed every untrusted certificate. This was helpful, because you were able to verify which certificate was blocked. Do you remember http://technet.microsoft.com/en-us/security/advisory/2798897. There's an FAQ entry "After applying the update, how can I verify the certificates in the Microsoft Untrusted Certificates Store? " describing that this is the way you should verify.
But it seems like that does not apply to systems using the automatic updater
of revoked certificates. But this will raise the question:
How should one verify, that these certificates are really blocked?
XP/Server 2003 will list these certificates (these systems currently lists 58 blocked certificates). But Windows 7/Server 2008 R2 for example only list 27 blocked certificates (the certificates from the mentioned advisory aren't listed for example). And now, Windows 8/Server 2012 doesn't list any blocked certificate.
Well, you can filter for CAPI2 events in the application log. You should find an event like
"Successful auto update of disallowed certificate list with effective date: Tuesday, 1. Januar 2013 00:50:01."
But you don't really know what is blocked.Source: social.technet.microsoft.com