S h o r t S t o r i e s

// Tales from software development

Archive for October 2012

Internet Explorer “Unable to display webpage” after applying Windows Update KB2661254

with 6 comments

After applying this week’s Windows Updates several of my colleagues noticed that they could no longer access a KVM-over-IP box that we use to remotely control a Windows PC.

Installing the updates one by one on another PC showed that the culprit was the update for KB2661254. It sets a minimum requirement of 1024 bytes for certificates and our KVM uses a 512 byte certificate for SSL. We have no way of changing the certificate on the KVM and it’s unlikely that the vendor will be rushing out a firmware update anytime soon with a new 1024 byte certificate.

Microsoft’s knowledge base article for KB2661254 describes a workaround that can be enabled in the registry.

Although four settings are described, the only one that we needed was the one to change the minimum requirement for certificate length from 1024 bytes to 512 bytes. Unfortunately, the registry setting doesn’t exist and must be created but it’s easy enough to do this:

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDLLCreateCertificateChainEngine\Config

Name: MinRsaPubKeyBitLength


Value: 512 decimal / 200 hex

Written by Sea Monkey

October 11, 2012 at 7:00 pm

Posted in Environments

Tagged with