Microsoft KB Archive/884900

= After you install security update 835732 on a Windows-based computer, the Cryptographic API cannot download the Certificate Revocation List =

Article ID: 884900

Article Last Modified on 2/14/2006

-

APPLIES TO


 * Microsoft Internet Explorer 6.0
 * Microsoft Internet Explorer 5.0
 * Microsoft Internet Explorer 4.5 128-Bit Edition
 * Microsoft Internet Explorer 3.2

-





SYMPTOMS
You install security update 835732 (security bulletin MS04-011) on a Microsoft Windows-based computer. When the Cryptographic API (CAPI) tries to download the Certificate Revocation List (CRL) by connecting through a proxy server, the proxy server may not authenticate user credentials from the Windows-based computer. In this case, the CAPI cannot download the CRL.

Note Microsoft Internet Explorer uses the CAPI.



STATUS
This behavior is by design.



MORE INFORMATION
If security update 835732 is not applied, the CAPI uses the Wininet.dll file to communicate with proxy servers. However, if security update 835732 is applied, the CAPI uses the Winhttp.dll file instead of the Wininet.dll file to communicate with proxy servers. The Winhttp.dll file does not provide any user interface to enter user credentials that are required for basic authentication. Also, there is no interface between the Wininet.dll file and the Winhttp.dll file that acts as a handover mechanism for user credentials.

Keywords: kbtshoot KB884900

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.