Vista and WinInet error ERROR_INTERNET_SEC_CERT_REV_FAILED (12057)

by Codewiz51 5. February 2009 19:17

Well, Vista's at it again. We were testing software today and my HTTP routines that utilize WinInet.dll threw an error we haven't seen before: 12057.

It turns out that Vista handles the check for server certificate revocation slightly differently than XP.  You will only see the error if you are working with secure sockets (https protocol). You can turn off the check for server certification, as shown in the following figure:

 



If you need to handle the problem in code, then you need to test for a return error of ERROR_INTERNET_SEC_CERT_REV_FAILED. If you receive it, then use ::InternetQueryOption to set INTERNET_OPTION_SECURITY_FLAGS. The correct value is SECURITY_FLAG_IGNORE_REVOCATION. Then resubmit your request. (Be sure to OR in the flag, you don't want to clear any other options that might be set.)

Updated 1/21/2010:

I've modified the code in WinINetTest to handle error 12057.  The original article is here.

Download the modified code: WinInetTest.7z (39.90 kb)
This code requires Visual Studio 2008 to compile.

Tags: , , ,

Programming

Disclaimer

This blog represents my personal hobby, observations and views. It does not represent the views of my employer, clients, especially my wife, children, in-laws, clergy, the dog, the cat or my daughter's horse. In fact, I am not even sure it represents my views when I take the time to reread postings.  So, take most of what I say with a grain of salt.

© Copyright 2008-2014