BUG: You cannot consistently connect to some security-enhanced Web sites by using Pocket Internet Explorer (233005)


The information in this article applies to:

  • Microsoft Windows CE 2.11 Embedded ToolKit (ETK)
  • Microsoft Windows CE 2.1 Embedded ToolKit (ETK)
This article was previously published under Q233005
Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry

SYMPTOMS

Microsoft Pocket Internet Explorer periodically does not connect to some security-enhanced Web sites that do not support all secure protocols. You may be able to connect to the site after you reset the device. However, after you visit other sites, sometimes you cannot re-establish a security-enhanced connection.

CAUSE

This problem occurs because of a bug in the secure-connection caching information. This bug only affects applications that use the Windows Sockets (Winsock) security options to enable the Secure Sockets Layer (SSL) protocol or the Private Communication Technology (PCT) protocol on an Internet connection. Pocket Internet Explorer is this kind of application. Protocol settings that are specific to one Web site are sometimes mistakenly used to initiate a connection with another Web site. If the second Web site does not recognize the protocol, the second Web site ends the connection abruptly.

RESOLUTION

Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

To work around this problem, you can add the following registry key:

[HKEY_LOCAL_MACHINE\Comm\SecurityProviders\SCHANNEL] "ServerCacheTime"=dword:0

The previous registry key disables the secure-connection caching so that the problem does not occur.

STATUS

Microsoft has confirmed that this is a bug in the Microsoft products that are listed in the "Applies to" section.

This problem is fixed in Microsoft Windows CE 2.12 and later versions. The previous registry entry must not be set for CE 2.12 and later versions because SSL connection performance may be affected.

MORE INFORMATION

Steps to reproduce the problem

  1. Move to a Web site that supports the SSL3 protocol.
  2. Move to another Web site that only supports the SSL2 protocol or the PCT protocol.

    Notice that the security-enhanced connection cannot be established.
Modification Type:MajorLast Reviewed:8/12/2004
Keywords:kbbug KB233005 kbAudDeveloper
©2004 Microsoft Corporation. All rights reserved.