PRB: Digitally Signed File Cannot Be Confirmed by IE4 (183805)
The information in this article applies to:
- Microsoft ActiveX SDK
- Microsoft SDK for Java 1.5
- Microsoft SDK for Java 1.51
This article was previously published under Q183805 SYMPTOMS
When downloading a digitally signed file, rather than popping up the
certificate dialog box as expected, a message box comes up indicating that
the file has been digitally signed but that it cannot be confirmed.
CAUSE
Microsoft has recently confirmed a rare certificate verification problem
caused by the .reg files offered as part of the tools set of the ActiveX
SDK and SDK for Java 1.5x. The problem is that the .reg files, Wvtston.reg
and Wvtstoff.reg, set the system to check Verisign's revocation server
extraneously. This error occurs only when your system is set to check the
revocation server, and the revocation server itself is down.
RESOLUTION
Use SetReg.exe available in the Internet Client SDK's \Inetsdk\Bin folder
or the \bin\packsign directory of the SDK for Java 2.0x or later, rather
than the .reg files in the ActiveX SDK or older SDK for Java. SetReg.exe
should be used to disable Revocation checking on your machine.
By issuing the following command, the revocation server for individual
certificates is disabled:
setreg 4 true
By issuing the following command, the revocation server for commercial
certificates is disabled:
setreg 5 true
REFERENCES
For more information, please refer to code signing on the MSDN Online Web Workshop. Additionally, you can find information on code signing in the SDK for Java
2.0 or later in the \Sdk-java\Bin\Packsign directory.
Downloading Code on the Web is an excellent article on the MSDN Online Web Workshop that provides information on digital signing. It also contains many links to various resources related to component download.
| Modification Type: | Major | Last Reviewed: | 7/18/2001 |
|---|
| Keywords: | kbCodeSign kbDSupport kbFAQ kbprb KB183805 |
|---|
|