Article ID: 260981
Article Last Modified on 11/21/2006
APPLIES TO
- Microsoft Internet Information Server 4.0
- Microsoft Internet Information Services 5.0
This article was previously published under Q260981
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
SYMPTOMS
When a user with an expired Windows NT password tries to access a Web page on a server that requires authentication, the browser is redirected to a password change dialog box. Under special circumstances, the password change process fails and the following error message occurs:
CAUSE
The browser tries to open an SSL connection to the Web server to transfer the username and password. By design, the SSL connection is enforced, because the Windows NT account information would otherwise be exposed during the transfer to the server. If the Web server does not allow SSL connections because no certificate is installed, then the error message occurs.
RESOLUTION
Install a certificate on the Web site to enable SSL connections.
REFERENCES
228991 How to Create and Install an SSL Certificate in IIS 4.0
Keywords: kbprb KB260981