Unsigned CRL File Causes Access Violation in Inetinfo (269571)

SYMPTOMS

When a client certificate is issued by a certificate authority, it may contain a Certificate Revocation List (CRL). A CRL is a list that is maintained by a Certificate Authority (CA) and records the serial numbers of certificates that have been revoked.

If the CRL file is not signed, the Inetinfo application causes an Access Violation error message to occur. A Dr. Watson log similar to the following occurs:

Application exception occurred:
App: inetinfo.exe (pid=1116)
When: 7/25/2000 @ 12:51:14.825
Exception number: c0000005 (access violation)

NOTE: Windows 2000 automatically restarts after this error message appears.

MORE INFORMATION

You can check the validity of the CRL by doing the following:

In Internet Explorer, from the Tools menu, click Internet Options.
On the Content tab, click the Certificates button.
Double-click the client certificate.
Click on the Details tab.
Click CRL Distribution Points.
Select the URL string.
Cancel out of all of the dialog boxes.
Paste the URL into the address bar.
Save the CRL to your local disk.
Find the Certutil.exe file in the <WINNT>\System32\Dllcache folder.
Copy the CRL into the same folder.
Open a command prompt in this folder.
Run the following command:
CERTUTIL <CRL file name>

The output of CERTUTIL will indicate "No Signature" at the end.

Unsigned CRL File Causes Access Violation in Inetinfo (269571)

SYMPTOMS

CAUSE

RESOLUTION

STATUS

MORE INFORMATION