• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 18441
  • Last Modified:

Security certificate revocation question pops up even though no changes made in MSIE.

I am using MS XP Pro, SP2. All Windows updates have been applied. I am using Norton AV 2005 and Zonealarm Pro. Again all updates have been applied. I have made no changes to the compter for a number of weeks and lately (in the last 2 weeks) I have been getting the "Revocation information for the secuity certificate for this site is not available. Do you want to proceed?" window popping up when I visit sites such as PayPal. I do not get the message every time I visit a secure website and I have received the message visiting both secure and non-secure websites.
The privacy control in Zonealarm is set to high for banner control and medium for cookie control. The secuity setting in MSIE is set to high for restricted sites, medium for the Internet.
I have run Ad-Aware, Spybot and XoftSpy to check for trojans and have found none.
Any ideas on what may be causing this to suddenly do this?

Kevin
0
kcbecker
Asked:
kcbecker
  • 4
  • 2
1 Solution
 
TolomirAdministratorCommented:
Here might be the solution:

http://support.microsoft.com/?scid=kb%3Ben-us%3B308087&x=20&y=12

SYMPTOMS
When you turn on the Check for server certificate revocation (requires restart) option in Internet Explorer, and then you visit a secure Web site for which the certificate revocation list distribution point (CDP) is unavailable, you get a message like:

> Revocation information for the security certificate for this site is not available.

> Do you want to proceed?

So the message is ok, though not very helpful, all it says is: The website has no link to a certification revocation list.
You enabled a setting in IE options, hiving you a hint, not all websites are setup properly ;-)

Tolomir


0
 
kcbeckerAuthor Commented:
I am using MSIE 6.0 on XP Pro. The link you pointed to is for MSIE 6.0 on windows 2000. I looked for "Check for server certificate revocation (requires restart)" and could not find it in the Internet Options/secuity, Internet Options/connections or Internet Options/privacy.
Is there another place to look to look for the" Check for server certificate revocation (requires restart)" ?
0
 
TolomirAdministratorCommented:
You are right, ok:

I found it in Internetoptions -> Advanced Settings -> Security -> Check for server certificate revocation (requires restart)

Tolomir
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
TolomirAdministratorCommented:
Internet Explorer Slow When Going to Secure Web Sites

Question: I notice that often when I go to secure (SSL) Web sites, it takes forever for the Web page to load. This doesn't happen on regular non-SSL Web sites. Is there anything I can do in Internet Explorer to speed things up? Thanks! -Ricky M.

Answer: It could be that the secure Web sites you're visiting haven't published their Certificate Revocation Lists (CRLs). This is a list that allows the browser to check whether the digital certificate used to secure the Web site has been revoked. While checking for server certificate revocation is a good security measure, it can slow down connections to smaller Web sites that don't publish their CRLs. Here's how to disable CRL checking:

Open Internet Explorer
Click the Tools menu and click Internet Options.
On the Internet Options dialog box, click the Advanced tab.
On the Advanced tab, scroll down the list until you find the Security group of options.
Remove the checkmark in the Check for server certificate revocation (requires restart) option.
Close Internet Explorer and open it again.

Tolomir
0
 
kcbeckerAuthor Commented:
I found the "Check for server certificate revocation (requires restart)". It's checked so I am assuming the problem (if there is one) is due to the site manager not keeping the CRL's up to date. I'll also assume that I am safe sticking to well known sites such as PayPal and when the message comes up it's OK to proceed.

Thanks for your help.
0
 
TolomirAdministratorCommented:
Yep,

I but would use a tool like spoofstick, to be sure, paypal is really paypal.com

http://www.corestreet.com/spoofstick/index.html

What is SpoofStick?
SpoofStick is a simple browser extension that helps users detect spoofed (fake) websites. A spoofed website is typically made to look like a well known, branded site (like ebay.com or citibank.com) with a slightly different or confusing URL. The attacker then tries to trick people into going to the spoofed site by sending out fake email messages or posting links in public places - hoping that some percentage of users won't notice the incorrect URL and give away important information. This practice is sometimes known as “phishing".

It's apart from frefox, available for IE too.

Tolomir
0
 
ddstylesCommented:
can someone suggest how the web manager (I manage a site that is having this issue) updates the CRL?
Much appreciated,  Duncan
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now