Signature Verification Error Messages in Internet Explorer 3.02

ID: Q238599

The information in this article applies to:
  • Microsoft Internet Explorer version 3.02 for Windows 95
  • Microsoft Internet Explorer version 3.02 for Windows NT 4.0

SYMPTOMS

When you use Internet Explorer, you may receive Authenticode signature verification error messages for software code (including ActiveX controls) that was digitally signed after December 31, 1999 or software code digitally that is signed before this date but was not time stamped. However, if you ignore or bypass the error message, the software code may work correctly.


CAUSE

This problem occurs because Internet Explorer 3.02 contains certificates that expire on December 31, 1999 at 5:00 PM. In Internet Explorer 3.02, all certificates verify up to the Microsoft root certificate by using glue certificates. These glue certificates expire on December 31, 1999 at 5:00 PM. Software code digitally signed with the Authenticode technology references a chain of certificates including these glue certificates to identify the signer and certification authorities that certified the signer. If the software code is not time stamped, when one of the certificates in the chain expires, Authenticode cannot determine the validity of the information in the certificate and reports the failure.


RESOLUTION

To resolve this problem, use either of the following methods:

Upgrade to Internet Explorer Version 4.x or Later

For information about how to do so, please see the following Microsoft Web site:
http://www.microsoft.com/ie

Install Authenticode Update

Obtain and install the Authenticode Update from the following Microsoft Web site:
http://www.microsoft.com/windows/ie/security/authenticode.asp


To work around this problem, you can safely ignore this behavior.


STATUS

Microsoft has confirmed this to be a problem in the Microsoft products listed at the beginning of this article.


MORE INFORMATION

For more information about how Microsoft products are affected by year 2000 (Y2K) issues, please see the following Microsoft World Wide Web site:

http://www.microsoft.com/year2000/
The third-party products discussed here are manufactured by vendors independent of Microsoft; we make no warranty, implied or otherwise, regarding these products' performance or reliability.

Software code that is digitally signed and time stamped before December 31, 1999 is not affected because Authenticode evaluates the certificate chain using the time stamped time, not the current computer time.

Additional query words: y2k

Keywords : kb3rdparty kbenv kberrmsg kb2000
Version : WINDOWS:3.02
Platform : WINDOWS
Issue type : kbprb


Last Reviewed: October 1, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.