Microsoft KB Archive/323035

= FIX: SetClientCertificate May Not Select the Correct Client Certificate =

Article ID: 323035

Article Last Modified on 11/15/2007

-

APPLIES TO

 Microsoft Windows HTTP Services 5.0, when used with:  Microsoft Windows 2000 Service Pack 1

 Microsoft Windows 2000 Service Pack 2

 Microsoft Windows XP Professional 

-

<div class="notice_section">

This article was previously published under Q323035

<div class="symptoms_section">

SYMPTOMS
The WinHTTP SetClientCertificate application programming interface (API) can be used to select a client certificate for secure communication. If you have two client certificates installed and the subject name of the first certificate is the prefix of the subject name of the second certificate, SetClientCertificate may return the second certificate when you try to select the first certificate, and the secure communication may be unsuccessful.

<div class="cause_section">

CAUSE
WinHTTP does a substring comparison on the subject name to select the client certificate and returns the first match.

<div class="resolution_section">

RESOLUTION
A supported hotfix is now available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next service pack that contains this hotfix.

To resolve this problem, submit a request to Microsoft Online Customer Services to obtain the hotfix. To submit an online request to obtain the hotfix, visit the following Microsoft Web site:

http://go.microsoft.com/?linkid=6294451

Note If additional issues occur or any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. To create a separate service request, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

<pre class="fixed_text">  Date         Time   Version        Size     File name ---  07-May-2002  20:53  5.0.2613.1001  292,864  WinHttp5.dll

<div class="status_section">

STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

Additional query words: SetClientCertificate

Keywords: kbhotfixserver kbqfe kbbug kbfix kbqfe KB323035

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.