BUG: CertSrvIsServerOnlineW API succeeds when Certificate Services is not installed (312781)


The information in this article applies to:

  • Microsoft Win32 Application Programming Interface (API), when used with:
    • the operating system: Microsoft Windows 2000
This article was previously published under Q312781

SYMPTOMS

Although Certificate Services is not installed on the server that is specified in the CertSrvIsServerOnlineW function, the call succeeds with a return value of S_OK.

CAUSE

CertSrvIsServerOnlineW makes a Distributed Component Object Model (DCOM) call to the server that is specified to determine the status of the certification authority (CA). If Certificate Services is not installed on the server, the DCOM call does not complete and returns Event ID 10006 in the system event log as follows:
DCOM got error "Class not registered " from the computer <ComputerName> when attempting to activate the server: {D99E6E73-FC88-11D0-B498-00A0C90312F3}
Note In Microsoft Windows 2000, the CertSrvIsServerOnlineW application programming interface (API) implementation does not return the DCOM HRESULT error code to the caller.

RESOLUTION

Backup applications can use Service APIs to determine whether Certificate Services (CertSrv.h) service is installed on the server that is specified, as demonstrated in the following sample code. If the IsCertSvcInstalled helper function returns FALSE, the CA is considered not installed on the server that is specified: 
#define UNICODE
#define _UNICODE
#include <windows.h>
#include <certsrv.h>
#include <stdio.h>
#include <tchar.h>

BOOL IsCertSvcInstalled(TCHAR *serverName)
{
    SC_HANDLE scmHandle = NULL;
    SC_HANDLE serHandle = NULL;
    BOOL serverStatus;

    if (!serverName) return FALSE;

    serverStatus = FALSE;
    scmHandle = OpenSCManager(serverName, 0, SC_MANAGER_CONNECT|GENERIC_READ);
    if (scmHandle != NULL)
    {
        serHandle = OpenService(scmHandle, L"CertSvc", GENERIC_READ);
        if (serHandle != NULL)
        {
            serverStatus = TRUE;
            CloseServiceHandle(serHandle);
        }
        CloseServiceHandle(scmHandle);
    }
    return serverStatus;
}

STATUS

Microsoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.

MORE INFORMATION

You can expect CertSrvIsServerOnlineW() to stop responding if Certificate Services is not running on the server that is specified.

When Certificate Services is running, CertSrvIsServerOnlineW() functions as follows:
  • If Certificate Services is running and ready to accept requests, this function returns S_OK, and *pfServerOnline points to a value of TRUE.
  • If Certificate Services is running in suspended (or paused) mode, this function returns S_OK, and *pfServerOnline points to a value of FALSE.
Modification Type:MinorLast Reviewed:9/26/2005
Keywords:kbHotfixServer kbQFE kbWin2000SP5fix kbAPI kbbug kbCrypt kbfix kbKernBase kbSecurity KB312781 kbAudDeveloper
©2004 Microsoft Corporation. All rights reserved.