PRB: Digitally Signed File Cannot Be Confirmed by IE4ID: Q183805
|
When downloading a digitally signed file, rather than popping up the certificate dialog box as expected, a message box comes up indicating that the file has been digitally signed but that it cannot be confirmed.
Microsoft has recently confirmed a rare certificate verification problem caused by the .reg files offered as part of the tools set of the ActiveX SDK and SDK for Java 1.5x. The problem is that the .reg files, Wvtston.reg and Wvtstoff.reg, set the system to check Verisign's revocation server extraneously. This error occurs only when your system is set to check the revocation server, and the revocation server itself is down.
Use SetReg.exe available in the Internet Client SDK's \Inetsdk\Bin folder
or the \bin\packsign directory of the SDK for Java 2.0x or later, rather
than the .reg files in the ActiveX SDK or older SDK for Java. SetReg.exe
should be used to disable Revocation checking on your machine.
By issuing the following command, the revocation server for individual
certificates is disabled:
setreg 4 true
setreg 5 true
For more information, please refer to code signing on the MSDN Online Web Workshop. Additionally, you can find information on code signing in the SDK for Java
2.0 or later in the \Sdk-java\Bin\Packsign directory.
Downloading Code on the Web is an excellent article on the MSDN Online Web Workshop that provides information on digital signing. It also contains many links to various resources related to component download.
Additional query words: revocation certificate Verisign
Keywords : kbIE400 kbIE401 kbSDKJava300 kbIE302 kbSDKJava310 AXSDKCodeSign kbSDKJava320
Version : WINDOWS: 1.5,1.51,4.0,4.01
Platform : WINDOWS
Issue type : kbprb Last Reviewed: July 14, 1999