IIS generates an HTTP 500 error when "Accept client certificates" is enabled (314324)
The information in this article applies to:
- Microsoft Internet Information Server 4.0
- Microsoft Internet Information Services 5.0
This article was previously published under Q314324 We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site: SUMMARY
A server that is running Internet Information Server with Secure Sockets Layer (SSL) enabled can either ignore or accept client certificates. By default, the server is set up to ignore these certificates; however, if you decide to accept client certificates and to still use Anonymous authentication on your Web server, IIS generates harmless HTTP 500 error messages in the Web site log files. This is expected behavior.
The HTTP 500 error is part of the negotiation process of the client and server. The immediate cause of the HTTP 500 error is that the client closed the connection when the server was searching for additional data from the request. Because the socket is closed, IIS cancels the request and logs an HTTP 500 error. When the server sends a request for a client certificate, the browser processes this as a fatal error and disconnects the connection. It then starts a new session based on the assumption that the server is a "non-anonymous server."
REFERENCES
For additional information about how the connection is negotiated, visit the following Web site:
| Modification Type: | Minor | Last Reviewed: | 6/23/2005 |
|---|
| Keywords: | kbinfo KB314324 |
|---|
|