Npcap's installer adds certificates to the system's trust store in order to avoid issues with signature validation on some systems. Using certutil.exe to add a certificate when one with the same thumbprint already exists will result in a duplicate if the existing cert has additional context info like FriendlyName. These duplicate certs can cause problems for software using Windows APIs like System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore, which fails if it does not find exactly one certificate that matches.

Our intended fix is for the installer to first check if a certificate exists in the store before attempting to install it. Also, if a duplicate without FriendlyName is found, we will delete that duplicate.