login problem caused by Windows update(s)? (911562 and/or 912812)

[Guest]

Prior to installing updates 911561 and 912812, I had no problem logging in to
a Web site that I frequent. Since I downloaded those files, I have't been
able to log in via Internet Explorer (6.0). [I am able to log on via a
different, non-Microsoft browser.]

When I attempt to log in to that site via Internet Explorer, I get a message
to the effect that the security certificate for that site has been revoked,
and that the site should not be trusted.

In seeking help from the technical-support folks who run that site, I have
been assured that their certificate has NOT been revoked, and that THEY are
capable of signing in to the page that I'm unable to sign into, so they've
concluded that there's a problem with "my system."

I've tried changing all kind of settings in Internet Explorer (including
deletion of cookies and temporary Internet files), and I've declared that Web
site as "trusted."

Nothing works, so I'm wondering if this could be due to some effect of one
of the Windows updates referenced above.

Can anyone help?

I'm running Windows 98 Second Edition.

 

[Guest]

In the text of my message, I said the updates were 911561 and 912812. The
first one should be 911562 (which is correct in the subject line).

 

[Noel Paton]

IN Win ME and in Win98 , there is one ESSENTIAL thing to note
THE 911562 PATCH FOR MDAC2.8RTM DOES NOT WORK!!!
It breaks Help & Support in Win ME, amongst other things.

Best advice is upgrade to MDAC2.8SP! from here
http://www.microsoft.com/downloads/...95-efc2-4f8e-a9e0-3a1afbd5922e&displaylang=en
then visit WU again for the new patch - which works properly with the SP1
files.

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read on how to post messages to NG's

 

[Daniel Crichton]

gamartin wrote on Sat, 10 Jun 2006 09:06:02 -0700:

Prior to installing updates 911561 and 912812, I had no problem logging in
to a Web site that I frequent. Since I downloaded those files, I have't
been able to log in via Internet Explorer (6.0). [I am able to log on via
a different, non-Microsoft browser.]

Can you post the URL?

When I attempt to log in to that site via Internet Explorer, I get a
message to the effect that the security certificate for that site has been
revoked, and that the site should not be trusted.

Have you got "Check for publisher's certificate revocation" ticked in the
Security section of the Advanced tab under Tools>Internet Options?

In seeking help from the technical-support folks who run that site, I have
been assured that their certificate has NOT been revoked, and that THEY
are capable of signing in to the page that I'm unable to sign into, so
they've concluded that there's a problem with "my system."

Maybe IE is unable to check for revocation due to something else installed
on your machine blocking IE going to the certificate publisher's website.

I've tried changing all kind of settings in Internet Explorer (including
deletion of cookies and temporary Internet files), and I've declared that
Web site as "trusted."

Try changing the "Check for publisher's certificate revocation" setting, see
if that helps.

Nothing works, so I'm wondering if this could be due to some effect of one
of the Windows updates referenced above.

Can anyone help?

I'm running Windows 98 Second Edition.

I've seen no problems with the W98 SE machine used here at work with our own
sites over SSL.

Dan

 

[Guest]

gamartin wrote on Sat, 10 Jun 2006 09:06:02 -0700:

Prior to installing updates 911561 and 912812, I had no problem logging in
to a Web site that I frequent. Since I downloaded those files, I have't
been able to log in via Internet Explorer (6.0). [I am able to log on via
a different, non-Microsoft browser.]

Can you post the URL?

URL: http://go.bigstep.com/

Have you got "Check for publisher's certificate revocation" ticked in the
Security section of the Advanced tab under Tools>Internet Options?

I get the message about the security certificate having been revoked (and
the site not being trustworthy) regardless of whether that box ("Check for
publisher's certificate revocation") is checked.

 

[Daniel Crichton]

gamartin wrote on Thu, 15 Jun 2006 08:50:02 -0700:

gamartin wrote on Sat, 10 Jun 2006 09:06:02 -0700:

Prior to installing updates 911561 and 912812, I had no problem logging
in to a Web site that I frequent. Since I downloaded those files, I
have't been able to log in via Internet Explorer (6.0). [I am able to
log on via a different, non-Microsoft browser.]

Can you post the URL?

URL: http://go.bigstep.com/

OK, attempting login goes to https://my.bigstep.com , which has a Thawte SGC
certificate signed by Verisign. Maybe the IE root certificate store has been
damaged in some way by the updates, or the updates added a new method for
verifying certificates and your trusted roots are out of date. First step
I'd try is to install the latest Thawte and Verisign trusted roots.

The Thawte ones you can obtain here: http://www.thawte.com/roots/index.html

The Verisign ones from: http://www.verisign.com/repository/roots/pca_certificate.html

Dan

 

[Guest]

gamartin wrote on Thu, 15 Jun 2006 08:50:02 -0700:

gamartin wrote on Sat, 10 Jun 2006 09:06:02 -0700:

Prior to installing updates 911561 and 912812, I had no problem logging
in to a Web site that I frequent. Since I downloaded those files, I
have't been able to log in via Internet Explorer (6.0). [I am able to
log on via a different, non-Microsoft browser.]

Can you post the URL?

URL: http://go.bigstep.com/

OK, attempting login goes to https://my.bigstep.com , which has a Thawte SGC
certificate signed by Verisign. Maybe the IE root certificate store has been
damaged in some way by the updates, or the updates added a new method for
verifying certificates and your trusted roots are out of date. First step
I'd try is to install the latest Thawte and Verisign trusted roots.

I've tried that, and it makes no difference. Both before and after
installing the latest certificates, the certificate status was given in IE as
"OK."

Perhaps the most perplexing aspect of this problem is that, as indicated in
my previous reply to you, I get the message about the certificate having been
revoked even if I clear the "Check for publisher's certificate revocation"
check box in IE (then close IE, reopen IE, and retry the login). Any
explanation as to what is causing THAT (and/or any OTHER suggested action(s))?

 

[Guest]

IN Win ME and in Win98 , there is one ESSENTIAL thing to note
THE 911562 PATCH FOR MDAC2.8RTM DOES NOT WORK!!!
It breaks Help & Support in Win ME, amongst other things.

Best advice is upgrade to MDAC2.8SP! from here
http://www.microsoft.com/downloads/...95-efc2-4f8e-a9e0-3a1afbd5922e&displaylang=en
then visit WU again for the new patch - which works properly with the SP1
files.

I installed MDAC2.8SP1, and then installed the new patch from WU, but the
problem persists!

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read on how to post messages to NG's

Prior to installing updates 911561 and 912812, I had no problem logging in
to
a Web site that I frequent. Since I downloaded those files, I have't been
able to log in via Internet Explorer (6.0). [I am able to log on via a
different, non-Microsoft browser.]

When I attempt to log in to that site via Internet Explorer, I get a
message
to the effect that the security certificate for that site has been
revoked,
and that the site should not be trusted.

In seeking help from the technical-support folks who run that site, I have
been assured that their certificate has NOT been revoked, and that THEY
are
capable of signing in to the page that I'm unable to sign into, so they've
concluded that there's a problem with "my system."

I've tried changing all kind of settings in Internet Explorer (including
deletion of cookies and temporary Internet files), and I've declared that
Web
site as "trusted."

Nothing works, so I'm wondering if this could be due to some effect of one
of the Windows updates referenced above.

Can anyone help?

I'm running Windows 98 Second Edition.

 

[Noel Paton]

run the version checker for MDAC - report back on what it finds....
http://support.microsoft.com/kb/301202


--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read on how to post messages to NG's

IN Win ME and in Win98 , there is one ESSENTIAL thing to note
THE 911562 PATCH FOR MDAC2.8RTM DOES NOT WORK!!!
It breaks Help & Support in Win ME, amongst other things.

Best advice is upgrade to MDAC2.8SP! from here
http://www.microsoft.com/downloads/...95-efc2-4f8e-a9e0-3a1afbd5922e&displaylang=en
then visit WU again for the new patch - which works properly with the SP1
files.

I installed MDAC2.8SP1, and then installed the new patch from WU, but the
problem persists!

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read on how to post messages to NG's

Prior to installing updates 911561 and 912812, I had no problem logging
in
to
a Web site that I frequent. Since I downloaded those files, I have't
been
able to log in via Internet Explorer (6.0). [I am able to log on via a
different, non-Microsoft browser.]

When I attempt to log in to that site via Internet Explorer, I get a
message
to the effect that the security certificate for that site has been
revoked,
and that the site should not be trusted.

In seeking help from the technical-support folks who run that site, I
have
been assured that their certificate has NOT been revoked, and that THEY
are
capable of signing in to the page that I'm unable to sign into, so
they've
concluded that there's a problem with "my system."

I've tried changing all kind of settings in Internet Explorer
(including
deletion of cookies and temporary Internet files), and I've declared
that
Web
site as "trusted."

Nothing works, so I'm wondering if this could be due to some effect of
one
of the Windows updates referenced above.

Can anyone help?

I'm running Windows 98 Second Edition.

 

[Daniel Crichton]

gamartin wrote on Fri, 16 Jun 2006 08:13:02 -0700:

gamartin wrote on Thu, 15 Jun 2006 08:50:02 -0700:

:

gamartin wrote on Sat, 10 Jun 2006 09:06:02 -0700:

Prior to installing updates 911561 and 912812, I had no problem
logging in to a Web site that I frequent. Since I downloaded those
files, I have't been able to log in via Internet Explorer (6.0). [I am
able to log on via a different, non-Microsoft browser.]

Can you post the URL?

URL: http://go.bigstep.com/

OK, attempting login goes to https://my.bigstep.com , which has a Thawte
SGC
certificate signed by Verisign. Maybe the IE root certificate store has
been damaged in some way by the updates, or the updates added a new
method for verifying certificates and your trusted roots are out of date.
First step I'd try is to install the latest Thawte and Verisign trusted
roots.

I've tried that, and it makes no difference. Both before and after
installing the latest certificates, the certificate status was given in IE
as "OK."

Perhaps the most perplexing aspect of this problem is that, as indicated
in my previous reply to you, I get the message about the certificate
having been revoked even if I clear the "Check for publisher's certificate
revocation" check box in IE (then close IE, reopen IE, and retry the
login). Any explanation as to what is causing THAT (and/or any OTHER
suggested action(s))?

What is the exact message that is appearing? Without the exact wording it's
going to be hard to track down the source of the error message.

Dan

 

[Guest]

What is the exact message that is appearing? Without the exact wording it's
going to be hard to track down the source of the error message.

I get the following message (in a Security Alert dialog box):

The security certificate for this site has been revoked. This site should
not be trusted.

 

[Guest]

run the version checker for MDAC - report back on what it finds....
http://support.microsoft.com/kb/301202

On running the component checker, I get the following message:

The following product releases were matched:

MDAC 2.8 SP1 ON WINDOWS XP SP2

In the registry, I get the following values:

FullInstallVer 2.81.1124.0

Version 2.81.1117.6

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read on how to post messages to NG's

IN Win ME and in Win98 , there is one ESSENTIAL thing to note
THE 911562 PATCH FOR MDAC2.8RTM DOES NOT WORK!!!
It breaks Help & Support in Win ME, amongst other things.

Best advice is upgrade to MDAC2.8SP! from here
http://www.microsoft.com/downloads/...95-efc2-4f8e-a9e0-3a1afbd5922e&displaylang=en
then visit WU again for the new patch - which works properly with the SP1
files.

I installed MDAC2.8SP1, and then installed the new patch from WU, but the
problem persists!

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read on how to post messages to NG's
Prior to installing updates 911561 and 912812, I had no problem logging
in
to
a Web site that I frequent. Since I downloaded those files, I have't
been
able to log in via Internet Explorer (6.0). [I am able to log on via a
different, non-Microsoft browser.]

When I attempt to log in to that site via Internet Explorer, I get a
message
to the effect that the security certificate for that site has been
revoked,
and that the site should not be trusted.

In seeking help from the technical-support folks who run that site, I
have
been assured that their certificate has NOT been revoked, and that THEY
are
capable of signing in to the page that I'm unable to sign into, so
they've
concluded that there's a problem with "my system."

I've tried changing all kind of settings in Internet Explorer
(including
deletion of cookies and temporary Internet files), and I've declared
that
Web
site as "trusted."

Nothing works, so I'm wondering if this could be due to some effect of
one
of the Windows updates referenced above.

Can anyone help?

I'm running Windows 98 Second Edition.

 

[Noel Paton]

Ah - this looks as if it's actually YOUR certificate that might be the
problem!
http://www.issociate.de/board/goto/35379/Expired_and_Revoked_Certificates.html

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read on how to post messages to NG's

 

[Daniel Crichton]

That was my thought too, but I thought I'd ask for the error message first.
I didn't see anything about a client certificate in the login system, but
then again I'm not a customer so I have no idea what the system does after
registration.

Dan

Noel wrote on Tue, 20 Jun 2006 11:42:49 +0100:

 

[Guest]

That was my thought too, but I thought I'd ask for the error message first.
I didn't see anything about a client certificate in the login system, but
then again I'm not a customer so I have no idea what the system does after
registration.

Dan

Noel wrote on Tue, 20 Jun 2006 11:42:49 +0100:

To my knowledge, I've never HAD a certificate. Also, I had made no changes
to anything in regard to the site that I've been trying to log in to (which
I've been using for over six years, and which never gave me a problem until
May 22, just after I'd installed updates 911562 and 912812).

Another thing that would seem to be inconsistent with there being something
wrong with MY certificate (even if I DO have one, which I doubt): I'm able to
log in to the site via Firefox, and I get no message at all with Firefox in
regard to ANY certificate(s).

I didn't download/install Firefox until after this problem occurred (I did
so for the express purpose of seeing whether I could actually log in via some
browser OTHER than IE). Thus if there was something wrong with "my"
certificate, that would have happened BEFORE I downloaded Firefox. Wouldn't
that have caused the same problem to occur with Firefox that was already
occurring with IE?

Another bit of info that may shed some light on this problem: From the
Content tab of the Internet Options dialog box (Tools menu in IE):

If I click the "Certificates" button, the certificate for the site in
question (which is a BUSINESS site) is listed on the "Other People" tab in
the Certificate Manager dialog box. I would think it should be listed on
something like a "BUSINESS" tab, rather than on the "Other PEOPLE" tab. Alas,
there is NO "Business" tab in the dialog box, so such an option isn't
available, but the phrase "Other PEOPLE" doesn't seem appropriate for a
BUSINESS.

Also, from the Content tab of the Internet Options dialog box, if I click
the "Publishers" button (instead of the "Certificates" button), I get the
Authenticode(tm) Security Technology dialog box, which contains an EMPTY
list under "Trusted Publishers and Issuers of Credentials". I don't know if
some info related to the certificate for the site that I'm trying to log in
to should be listed there.

Also, from the Security tab of the Internet Options dialog box, if I choose
"Trusted sites" and click the "Sites..." button (and get the Trusted sites
dialog box), should I check (or should I clear) the "Require server
verification (https for all sites in this zone" box? [I've tried both
settings, and that doesn't seem to have made any difference insofar as the
problem at hand is concerned.]

 

[Daniel Crichton]

gamartin wrote on Tue, 20 Jun 2006 20:24:01 -0700:

To my knowledge, I've never HAD a certificate. Also, I had made no changes
to anything in regard to the site that I've been trying to log in to
(which I've been using for over six years, and which never gave me a
problem until May 22, just after I'd installed updates 911562 and 912812).

You do have a client certificate - scroll down a bit for the explanation as
to why.

Another thing that would seem to be inconsistent with there being
something wrong with MY certificate (even if I DO have one, which I
doubt): I'm able to log in to the site via Firefox, and I get no message
at all with Firefox in regard to ANY certificate(s).

I didn't download/install Firefox until after this problem occurred (I did
so for the express purpose of seeing whether I could actually log in via
some browser OTHER than IE). Thus if there was something wrong with "my"
certificate, that would have happened BEFORE I downloaded Firefox.
Wouldn't that have caused the same problem to occur with Firefox that was
already occurring with IE?

IE and Firefox are independent browsers, so that would explain why one isn't
affected.

Another bit of info that may shed some light on this problem: From the
Content tab of the Internet Options dialog box (Tools menu in IE):

If I click the "Certificates" button, the certificate for the site in
question (which is a BUSINESS site) is listed on the "Other People" tab in
the Certificate Manager dialog box. I would think it should be listed on
something like a "BUSINESS" tab, rather than on the "Other PEOPLE" tab.
Alas, there is NO "Business" tab in the dialog box, so such an option
isn't available, but the phrase "Other PEOPLE" doesn't seem appropriate
for a BUSINESS.

The fact that you have a certificate under "Other People" proves you do have
a client certificate, or some non-standard certificate handling. This tab is
normally empty. "Other People" is just the tab name, it includes all the
certificates that you've installed that don't come under the other headings.

Also, from the Content tab of the Internet Options dialog box, if I click
the "Publishers" button (instead of the "Certificates" button), I get the
Authenticode(tm) Security Technology dialog box, which contains an EMPTY
list under "Trusted Publishers and Issuers of Credentials". I don't know
if some info related to the certificate for the site that I'm trying to
log in to should be listed there.

That is only for Authenticode, which is for signing ActiveX controls.

Also, from the Security tab of the Internet Options dialog box, if I
choose "Trusted sites" and click the "Sites..." button (and get the
Trusted sites dialog box), should I check (or should I clear) the
"Require server verification (https for all sites in this zone" box?
[I've tried both settings, and that doesn't seem to have made any
difference insofar as the problem at hand is concerned.]

That list is only for sites where you want IE to handle things differently
to a normal public site. Trusted Sites have much lower security settings.

I'm guessing that somehow you have installed the old server certificate
(maybe you clicked on the padlock icon some time ago to look at the
certificate details, and clicked the Import button thinking you needed to do
so, and so imported it into your certificate store permanently), or a client
certificate, for Bigstep into IE, and until this patch was installed it was
just ignored. However the patch appears to have fixed IE so it realises that
the certificate is revoked/expired, and so pops up that warning. You could
try removing the certificate from the "Other People" tab - at worst you'll
just have to rollback again, but there's a good chance it'll fix the problem
you're having.

Dan