SSL does not work when you try to connect to Web sites that use Server Gated Cryptography certificates that are issued by Thawte (875450)



The information in this article applies to:

  • Microsoft Internet Explorer 5.01, when used with:
    • the operating system: Microsoft Windows NT 4.0
    • the operating system: Microsoft Windows 98 Second Edition
    • the operating system: Microsoft Windows 98
  • Microsoft Internet Explorer 5.0, when used with:
    • the operating system: Microsoft Windows NT 4.0
    • the operating system: Microsoft Windows 98 Second Edition
    • the operating system: Microsoft Windows 98
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional
  • Microsoft Windows NT Workstation 4.0
  • Microsoft Windows NT Server 4.0
  • Microsoft Windows NT Server, Enterprise Edition 4.0
  • Microsoft Windows NT Server 4.0 Terminal Server Edition
  • Microsoft Windows 98 Second Edition

SYMPTOMS

When you try to connect to a Web site that uses a Server Gated Cryptography (SGC) certificate that is issued by Thawte for strong encryption, you may receive the following error message:
The page cannot be displayed.

CAUSE

Server Gated Cryptography (SGC) is a mechanism that permitted Web browsing software to use strong (128-bit) SSL encryption. Typically, SGC is included with products that were released before the lifting of export controls on strong encryption. The United States government imposed constraints on software vendors. Because of these constraints, vendors could enable SGC capabilities only for certification authorities (CAs) who agreed to issue certificates that use SGC only to authorized organizations. For example, vendors could enable SGC capabilities for CAs who agreed to issue certificates only to financial institutions.

Microsoft issued a cross certificate to Thawte to enable Thawte's SGC capability. This cross certificate expired on July 16, 2004. Therefore, sites that are configured with Thawte SGC certificates cannot enable older clients that have standard (40-bit or 56-bit) encryption to use strong SSL encryption. Clients that have the High Encryption Pack already installed are not affected.

Microsoft and other vendors stopped shipping products that have standard encryption shortly after the U.S. lifted its export restrictions in early 2000. By default, these products support strong encryption and do not depend on sites to be configured with SGC certificates for strong SSL encryption.
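To inventory server certificates that still carry SGC usages, the following added example (not part of the original article and not Microsoft code) walks DER-encoded X.509 data and reports SGC entries in the extended key usage extension. The two SGC object identifiers and the sample bytes are not taken from the article; the sample is constructed for illustration.

```python
# Added example (not from the KB article): report Server Gated Cryptography
# extended key usages found in DER-encoded X.509 data. OIDs are keyed by their
# DER content bytes; the dotted form is in each comment.
SGC_OIDS = {
    bytes.fromhex("2b0601040182370a0303"): "Microsoft SGC",  # 1.3.6.1.4.1.311.10.3.3
    bytes.fromhex("6086480186f8420401"): "Netscape SGC",     # 2.16.840.1.113730.4.1
}
EKU_OID = bytes.fromhex("551d25")  # 2.5.29.37, id-ce-extKeyUsage

def read_tlv(data, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = data[pos], data[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(data[pos:pos + n], "big"), pos + n
    if pos + length > len(data):
        raise ValueError("truncated DER element")
    return tag, data[pos:pos + length], pos + length

def children(value):
    """Yield (tag, value) for each element directly inside value."""
    pos = 0
    while pos < len(value):
        tag, body, pos = read_tlv(value, pos)
        yield tag, body

def find_sgc_usages(der):
    """Return the SGC usages listed in any extKeyUsage extension in der."""
    found, stack = [], list(children(der))
    while stack:
        tag, body = stack.pop()
        if not tag & 0x20:  # primitive element: nothing nested to inspect
            continue
        kids = list(children(body))
        if tag == 0x30 and kids and kids[0] == (0x06, EKU_OID):
            # Extension ::= SEQUENCE { extnID, [critical], extnValue OCTET STRING }
            _, eku_seq, _ = read_tlv(kids[-1][1], 0)
            found += [SGC_OIDS[v] for _, v in children(eku_seq) if v in SGC_OIDS]
        else:
            stack.extend(kids)
    return sorted(found)

# Constructed sample: an extKeyUsage extension with serverAuth and both SGC OIDs.
SAMPLE_EKU = bytes.fromhex(
    "302a" "0603551d25" "0423" "3021" "06082b06010505070301"
    "060a2b0601040182370a0303" "06096086480186f8420401")

if __name__ == "__main__":
    print(find_sgc_usages(SAMPLE_EKU))
```

The same function accepts a whole DER certificate, because it descends through every constructed element until it reaches the extensions.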

RESOLUTION

Windows 2000

To resolve this problem, obtain the latest service pack for Microsoft Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to obtain the latest Windows 2000 service pack

Windows NT 4.0

To resolve this problem, obtain the Microsoft Windows NT 4.0 Security Rollup Package. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

299444 Post-Windows NT 4.0 Service Pack 6a Security Rollup Package (SRP)

Microsoft Windows NT Server version 4.0, Terminal Server Edition

To resolve this problem, obtain the Microsoft Windows NT Server 4.0, Terminal Server Edition, Security Rollup Package (SRP). For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

317636 Windows NT Server 4.0, Terminal Server Edition, Security Rollup Package

Windows 98

To resolve this problem, obtain the latest version of Microsoft Internet Explorer. To do this, visit the following Microsoft Web site:

Alternatively, you may install the High Encryption Pack for older versions of Internet Explorer. To do this, visit the following Microsoft Web site:

However, we strongly recommend that you install the latest version of Internet Explorer because it contains features and services that help protect your Web browsing experience.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

Modification Type: Minor
Last Reviewed: 7/8/2005
Keywords: kbCertServices kbSecurity kbDownload kbdigitalcertificates kbprb KB875450 kbAudITPRO kbAudEndUser