Microsoft KB Archive/207523

= Error occurs during SSL connection =

Article ID: 207523

Article Last Modified on 6/30/2006

-

APPLIES TO


 * Microsoft Internet Information Server 4.0
 * Microsoft Internet Explorer 4.0 128-Bit Edition

-



This article was previously published under Q207523



We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx



SYMPTOMS
When you attempt to connect to an IIS Web site using an SSL connection, one of the following symptoms occurs, depending on the browser being used:

In Internet Explorer, the following error message occurs:

Internet Explorer could not open the Internet site: 

The data area passed to a system call is too small.

Netscape Communicator stops responding when you attempt to make the connection.



CAUSE
The browser is trying to use a 128-bit session key, but the Web server is set up to use a 40-bit key.



RESOLUTION
Note Due to export restrictions, the 128-bit key strength encryption feature is available only in the United States and Canada.

To resolve this problem, install the 128-bit version of the latest Windows NT 4.0 Service Pack (SP). This will enable the Web server to create 128-bit connections.

Installing the 128-bit version of the Windows NT SP updates the Schannel.dll file, which is used by IIS to create SSL connections.



MORE INFORMATION
For more information about setting encryption strength, copy the following URL to your browser:

http://localhost/iishelp/iis/htm/core/iistesc.htm

For information on how to determine the security strength that IIS is using, see the following article in the Microsoft Knowledge Base:

184311 Remote key request generation affected by Schannel.dll

(c) Microsoft Corporation 2000, All Rights Reserved. Contributions by Kevin Zollman, Microsoft Corporation.

Additional query words: schannel.dll 40 128 128bit 40bit security hangs freezes quits north america akz

Keywords: kbprb kbpending KB207523

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.