Microsoft Knowledge Base Article
This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved.
Terms
of Use |
Trademarks
Article ID: 841641 - Last Review: November 21, 2006 - Revision: 1.1
IIS returns a "403.13 Client Certificate Revoked" error message after you install MS04-011 because of Wininet proxy settings
When you access a Web site that is set to require client
certificates, you may receive the following HTTP error message, even if you are
sure that the client certificate has not been revoked:
403.13 Client Certificate Revoked
Winhttp.dll may prevent the retrieval of the Wininet proxy settings if all the following conditions are true:
- The server is configured with Internet Information Services
(IIS) services.
- The server is running under the Local System account.
- The browser (Wininet)
proxy settings have been manually configured.
If you do not have the
Web Proxy Auto-Discovery (WPAD) configured, Microsoft Cryptography API (CAPI) cannot
download Certificate Revocation Lists (CRLs) because CAPI cannot find proxy
settings. Also, after you apply the MS04-011 security update, CAPI uses the Winhttp.dll file instead of the Wininet.dll file. Therefore, CAPI does not support WPAD when you use scripts that are not based on JavaScript.
To resolve this problem, you can use the Proxycfg.exe file to
manually configure the proxy settings for the computer. For example, run either of the following commands to import from the user's browser settings:
proxycfg.exe -p itgproxy:80
proxycfg.exe -u
The Proxycfg.exe file is available from the Platform Software Development Kit (SDK).
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
841642Â
(http://kbalertz.com/Feedback.aspx?kbNumber=841642/
)
Errors with client certificates occur after you install the MS04-011 security update on an IIS 5.0 computer
841632Â
(http://kbalertz.com/Feedback.aspx?kbNumber=841632/
)
You receive a "403.13 client certificate revoked" error message after you install the MS04-11 security update
APPLIES TO
- Microsoft Internet Information Services 5.0
Retired KB Content DisclaimerThis article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.
Community Feedback System
Very often, it takes hours to solve a problem. Very often, you've looked high
and low, and have tried a lot of solutions. When you finally found it, chances
are, it was because someone else helped you. Here's your chance to give back.
Use our community feedback tool to let others know what worked for you and what
didn't.
Please also understand that the community feedback system is not warranted to be
correct, it's simply a system that we've built to let people try and help each
other. If something in a feedback response doesn't make sense to you, or you're
not comfortable making changes that the feedback talks about (like registry
edits), please consult a professional.
Thank you for using kbAlertz.com Feedback System.
-- Scott Cate
Be the first to leave feedback, to help others about this knowledge base
article.
(Optional) Name
(Optional)
Public URL Or Email
Comments
No
HTML -- Text Only Please