Microsoft KB Archive/822540

= FIX: Certificate Verification May Fail for Certificates That Have More Than One Common Name =

Article ID: 822540

Article Last Modified on 5/27/2005

-

APPLIES TO


 * Microsoft Windows CE .NET 4.2

-





SYMPTOMS
When you try to access an Internet site by using secure socket layering (SSL), you may receive an error message that indicates that the site's certificate is not valid or that it does not match the name of the site.



CAUSE
The Windows CE WinInet component checks only the first common name (CN) that is listed in the site certificate. If the first name in the certificate does not match the name that is used to connect to the site, you receive an error.



Hotfix Information
A supported software update is now available from Microsoft as Windows CE Platform Builder 4.2 Core OS QFE 030724_KB822540. To resolve this problem immediately, click the following article number for information about obtaining Windows CE Platform Builder and core operating system software updates:

837392 How to locate core operating system fixes for Microsoft Windows CE Platform Builder products

Prerequisites
Install all previously released updates for this version of the Windows CE operating system.

Restart Requirement
You do not have to restart your computer after you apply this hotfix.

Hotfix Replacement Information
This hotfix does not replace any other hotfixes.

File Information
The English version of this package has the file attributes (or later) that are listed in the following table.   Date         Time   Version            Size    File name 24-Jul-2003 18:58  4.2.3.724       6,027,880  Wincepb42-030724-kb822540-armv4.exe 24-Jul-2003 18:58  4.2.3.724       6,027,880  Wincepb42-030724-kb822540-armv4i.exe 24-Jul-2003 18:58  4.2.3.724       6,105,704  Wincepb42-030724-kb822540-mipsii.exe 24-Jul-2003 18:59  4.2.3.724       6,109,800  Wincepb42-030724-kb822540-mipsii_fp.exe 24-Jul-2003 18:59  4.2.3.724       6,183,528  Wincepb42-030724-kb822540-mipsiv.exe 24-Jul-2003 18:59  4.2.3.724       6,183,528  Wincepb42-030724-kb822540-mipsiv_fp.exe 24-Jul-2003 18:58  4.2.3.724       5,876,328  Wincepb42-030724-kb822540-sh3.exe 24-Jul-2003 18:58  4.2.3.724       5,880,424  Wincepb42-030724-kb822540-sh4.exe 24-Jul-2003 18:58  4.2.3.724       5,360,232  Wincepb42-030724-kb822540-x86.exe The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.   Date         Time                    Size    File name --  Path: Public\Common\Oak\Lib\Armv4\Debug 18-Jul-2003 21:59                  1,625,052  Certstor.lib 18-Jul-2003 21:59                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Armv4\Retail 18-Jul-2003 21:59                  1,442,584  Certstor.lib 18-Jul-2003 21:59                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Armv4i\Debug 18-Jul-2003 22:01                  1,629,100  Certstor.lib 18-Jul-2003 22:01                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Armv4i\Retail 18-Jul-2003 22:01                  1,447,022  Certstor.lib 18-Jul-2003 22:01                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Mipsii\Debug 18-Jul-2003 22:03                  1,622,660  Certstor.lib 18-Jul-2003 22:03                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Mipsii\Retail 18-Jul-2003 22:03                  1,527,068  Certstor.lib 18-Jul-2003 22:03                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Mipsii_fp\Debug 18-Jul-2003 22:05                  1,622,804  Certstor.lib 18-Jul-2003 22:05                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Mipsii_fp\Retail 18-Jul-2003 22:04                  1,527,270  Certstor.lib 18-Jul-2003 22:04                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Mipsiv\Debug 18-Jul-2003 22:06                  1,657,114  Certstor.lib 18-Jul-2003 22:06                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Mipsiv\Retail 18-Jul-2003 22:06                  1,543,732  Certstor.lib 18-Jul-2003 22:06                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Mipsiv_fp\Debug 18-Jul-2003 22:08                  1,657,258  Certstor.lib 18-Jul-2003 22:08                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Mipsiv_fp\Retail 18-Jul-2003 22:08                  1,543,934  Certstor.lib 18-Jul-2003 22:08                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Sh3\Debug 18-Jul-2003 22:10                  1,401,770  Certstor.lib 18-Jul-2003 22:10                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Sh3\Retail 18-Jul-2003 22:10                  1,334,170  Certstor.lib 18-Jul-2003 22:10                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Sh4\Debug 18-Jul-2003 22:12                  1,401,746  Certstor.lib 18-Jul-2003 22:12                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\Sh4\Retail 18-Jul-2003 22:12                  1,333,312  Certstor.lib 18-Jul-2003 22:12                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\X86\Debug 18-Jul-2003 21:57                  1,242,236  Certstor.lib 18-Jul-2003 21:57                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Common\Oak\Lib\X86\Retail 18-Jul-2003 21:57                  1,170,100  Certstor.lib 18-Jul-2003 21:57                    430,080  Certstor.pdb 22-Apr-2003 22:09                      7,937  Crypt32.def

Path: Public\Ie\Oak\Lib\Armv4\Debug 18-Jul-2003 21:59                  6,591,670  Wininet.lib 18-Jul-2003 21:59                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Armv4\Retail 18-Jul-2003 21:58                  4,532,246  Wininet.lib 18-Jul-2003 21:58                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Armv4i\Debug 18-Jul-2003 22:01                  6,605,878  Wininet.lib 18-Jul-2003 22:01                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Armv4i\Retail 18-Jul-2003 22:00                  4,540,066  Wininet.lib 18-Jul-2003 22:00                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Mipsii\Debug 18-Jul-2003 22:02                  6,575,162  Wininet.lib 18-Jul-2003 22:02                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Mipsii\Retail 18-Jul-2003 22:02                  4,617,880  Wininet.lib 18-Jul-2003 22:02                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Mipsii_fp\Debug 18-Jul-2003 22:04                  6,576,796  Wininet.lib 18-Jul-2003 22:04                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Mipsii_fp\Retail 18-Jul-2003 22:04                  4,619,118  Wininet.lib 18-Jul-2003 22:04                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Mipsiv\Debug 18-Jul-2003 22:06                  6,652,876  Wininet.lib 18-Jul-2003 22:06                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Mipsiv\Retail 18-Jul-2003 22:05                  4,657,202  Wininet.lib 18-Jul-2003 22:05                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Mipsiv_fp\Debug 18-Jul-2003 22:08                  6,654,512  Wininet.lib 18-Jul-2003 22:08                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Mipsiv_fp\Retail 18-Jul-2003 22:07                  4,658,444  Wininet.lib 18-Jul-2003 22:07                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Sh3\Debug 18-Jul-2003 22:10                  6,048,810  Wininet.lib 18-Jul-2003 22:10                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Sh3\Retail 18-Jul-2003 22:09                  4,288,918  Wininet.lib 18-Jul-2003 22:09                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Sh4\Debug 18-Jul-2003 22:12                  6,048,810  Wininet.lib 18-Jul-2003 22:12                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\Sh4\Retail 18-Jul-2003 22:11                  4,283,326  Wininet.lib 18-Jul-2003 22:11                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\X86\Debug 18-Jul-2003 21:57                  5,403,012  Wininet.lib 18-Jul-2003 21:57                    684,032  Wininet.pdb

Path: Public\Ie\Oak\Lib\X86\Retail 18-Jul-2003 21:56                  3,963,142  Wininet.lib 18-Jul-2003 21:56                    684,032  Wininet.pdb



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.



MORE INFORMATION
Certificates may list multiple names if the computer is accessed by different names. For example, a computer may be accessed by the NetBIOS name by users on a LAN. That same computer may also be accessed by any fully qualified domain name (FQDN) that uses the company's domain name.

This update requires WinInet to check all the common names that are in the certificate for a match.

Keywords: kbbug kbfix kbqfe KB822540

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.