Strange issues with CAPI2 on Windows 2008 R2 - Error 53 in Event Viewer.
Hi folks, I've been having some issues with CAPI2 on a Windows 2008 R2 box. I get a lot of Error 53s when we try and process credit card transactions through authorize.net. It's not an issue with them, as the box doesn't appear to be able to reach them to negotiate payment processing. I tried to disable WPAD, which seemed to temporarily help, but we've intermittently been getting error messages again. It looked like some of them were related to Base Filtering Engine; I've tried to disable that this morning to see if that provides any help. I'm posting some of the error messages below. We were getting these issues mostly from entrust.com, which I guess is who authorize.net uses for certificate management, but we're also getting these errors from Microsoft-related certificates now too. Here is a copy from the log. Any ideas?

Thanks,
-Nate

+ System - Provider [ Name] Microsoft-Windows-CAPI2 [ Guid] {5bbca4a8-b209-48dc-a8c7-b23d3e5216fb} EventID 53 Version 0 Level 2 Task 53 Opcode 2 Keywords 0x4000000000000036 - TimeCreated [ SystemTime] 2011-07-14T19:08:20.761485600Z EventRecordID 1898 Correlation - Execution [ ProcessID] 944 [ ThreadID] 4628 Channel Microsoft-Windows-CAPI2/Operational Computer madhost416 - Security [ UserID] S-1-5-21-774496436-1281339017-1124771110-1001 - UserData - CryptRetrieveObjectByUrlWire - URL http://crl.microsoft.com/pki/crl/products/CSPCA.crl [ scheme] http - Object [ type] Blob [ constant] 0 Timeout PT5M0S - Flags [ value] 60000D [ CRYPT_RETRIEVE_MULTIPLE_OBJECTS] true [ CRYPT_WIRE_ONLY_RETRIEVAL] true [ CRYPT_DONT_CACHE_RESULT] true [ CRYPT_PROXY_CACHE_RETRIEVAL] true [ CRYPT_NOT_MODIFIED_RETRIEVAL] true - AuxInfo [ maxUrlRetrievalByteCount] 104857600 [ cacheResyncTime] 2011-07-14T18:08:20.678Z [ fProxyCacheRetrieval] true - AdditionalInfo - NetworkConnectivityStatus [ value] 1 [ _SENSAPI_NETWORK_ALIVE_LAN] true - Action [ name] Call_WinHttpGetProxyForUrl - Error [ value] 2F92 - Action [ name] NoProxy - Action [ name] 
Call_WinHttpGetProxyForUrl - Error [ value] 2F92 - Action [ name] NoProxy - HTTPRequestHeadersInfo Header GET /pki/crl/products/CSPCA.crl HTTP/1.1 Header Accept: */* Header Cache-Control: max-age = 3600 Header User-Agent: Microsoft-CryptoAPI/6.1 Header Connection: Keep-Alive - HTTPResponseHeadersInfo Header HTTP/1.1 200 OK Header Cache-Control: max-age=900 Header Connection: keep-alive Header Date: Thu, 14 Jul 2011 19:08:12 GMT Header Content-Length: 552 Header Content-Type: application/pkix-crl Header Last-Modified: Mon, 13 Jun 2011 17:39:55 GMT Header Accept-Ranges: bytes Header ETag: "6d7054e8f029cc1:0" Header P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Header Server: Microsoft-IIS/7.5 Header VTag: 438374942100000000 Header X-Powered-By: ASP.NET - CacheInfo [ lastSyncTime] 2011-07-14T19:08:20.760Z - URLCacheResponseInfo [ responseType] CRYPTNET_URL_CACHE_RESPONSE_HTTP [ lastModifiedTime] 2011-06-13T17:39:55Z [ maxAge] 900 [ eTag] "6d7054e8f029cc1:0" - RetrievedObjects - Blob 308202243082010C020101300D06092A864886F70D01010505003079310B3009060355040613025553311330110603550408130A57617368696E67746F6E3110300E060355040713075265646D6F6E64311E301C060355040A13154D6963726F736F667420436F72706F726174696F6E312330210603550403131A4D6963726F [ fileRef] B65B3BAF37445A512FA1919E4E93F3DB0E9CE237.bin [ maxSize] true - EventAuxInfo [ ProcessName] svchost.exe [ impersonateToken] S-1-5-21-774496436-1281339017-1124771110-1001 - CorrelationAuxInfo [ TaskId] {A1E6A631-32D4-41AB-9DF0-5C72FCA6EFC7} [ SeqNumber] 2 - Result [ value] 0
July 15th, 2011 11:38am

After looking at the errors in the log a bit further, I see there is a variety of URLs mentioned in the messages. I've tried clearing the urlcache with certutil. This is on a production web server, and is getting a bit annoying, as customers aren't able to pay for their merchandise. Thanks.
July 15th, 2011 11:46am

When I turn WPAD back on, I get this error message:

+ System - Provider [ Name] Microsoft-Windows-CAPI2 [ Guid] {5bbca4a8-b209-48dc-a8c7-b23d3e5216fb} EventID 11 Version 0 Level 2 Task 11 Opcode 2 Keywords 0x4000000000000003 - TimeCreated [ SystemTime] 2011-07-15T16:22:00.144135000Z EventRecordID 3139 - Correlation [ ActivityID] {00CC000C-E2B0-036B-DC10-E01037B82200} - Execution [ ProcessID] 4316 [ ThreadID] 4320 Channel Microsoft-Windows-CAPI2/Operational Computer madhost416 - Security [ UserID] S-1-5-21-774496436-1281339017-1124771110-1001 - UserData - CertGetCertificateChain - Certificate [ fileRef] 68E257C0229BF273A9D296DD6406BF61763C64C4.cer [ subjectName] secure.authorize.net ValidationTime 2011-07-15T16:21:42.546Z - AdditionalStore - Certificate [ fileRef] BEE772B3190AC84BF831F9607D9889EC6A966C16.cer [ subjectName] Entrust Root Certification Authority - Certificate [ fileRef] 179A7696DB4322813F1C9572B85033841DEC020E.cer [ subjectName] Entrust Certification Authority - L1E - Certificate [ fileRef] 68E257C0229BF273A9D296DD6406BF61763C64C4.cer [ subjectName] secure.authorize.net - ExtendedKeyUsage [ orMatch] true - Usage [ oid] 1.3.6.1.5.5.7.3.1 [ name] Server Authentication - Usage [ oid] 1.3.6.1.4.1.311.10.3.3 - Usage [ oid] 2.16.840.1.113730.4.1 - Flags [ value] 48000000 [ CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT] true [ CERT_CHAIN_REVOCATION_ACCUMULATIVE_TIMEOUT] true - ChainEngineInfo [ context] user - AdditionalInfo - NetworkConnectivityStatus [ value] 1 [ _SENSAPI_NETWORK_ALIVE_LAN] true - CertificateChain [ chainRef] {AB08EF73-BFD8-4DCE-B802-3C20710E8768} - TrustStatus - ErrorStatus [ value] 1000040 [ CERT_TRUST_REVOCATION_STATUS_UNKNOWN] true [ CERT_TRUST_IS_OFFLINE_REVOCATION] true - InfoStatus [ value] 100 [ CERT_TRUST_HAS_PREFERRED_ISSUER] true - ChainElement - Certificate [ fileRef] 68E257C0229BF273A9D296DD6406BF61763C64C4.cer [ subjectName] secure.authorize.net - SignatureAlgorithm [ oid] 1.2.840.113549.1.1.5 [ hashName] SHA1 [ 
publicKeyName] RSA - PublicKeyAlgorithm [ oid] 1.2.840.113549.1.1.1 [ publicKeyName] RSA [ publicKeyLength] 2048 - TrustStatus - ErrorStatus [ value] 1000040 [ CERT_TRUST_REVOCATION_STATUS_UNKNOWN] true [ CERT_TRUST_IS_OFFLINE_REVOCATION] true - InfoStatus [ value] 102 [ CERT_TRUST_HAS_KEY_MATCH_ISSUER] true [ CERT_TRUST_HAS_PREFERRED_ISSUER] true - ApplicationUsage - Usage [ oid] 1.3.6.1.5.5.7.3.1 [ name] Server Authentication - Usage [ oid] 1.3.6.1.5.5.7.3.2 [ name] Client Authentication - IssuanceUsage - Usage [ oid] 2.16.840.1.114028.10.1.2 - RevocationInfo - RevocationResult The revocation function was unable to check revocation because the revocation server was offline. [ value] 80092013 - ChainElement - Certificate [ fileRef] 179A7696DB4322813F1C9572B85033841DEC020E.cer [ subjectName] Entrust Certification Authority - L1E - SignatureAlgorithm [ oid] 1.2.840.113549.1.1.5 [ hashName] SHA1 [ publicKeyName] RSA - PublicKeyAlgorithm [ oid] 1.2.840.113549.1.1.1 [ publicKeyName] RSA [ publicKeyLength] 2048 - TrustStatus - ErrorStatus [ value] 0 - InfoStatus [ value] 102 [ CERT_TRUST_HAS_KEY_MATCH_ISSUER] true [ CERT_TRUST_HAS_PREFERRED_ISSUER] true - ApplicationUsage [ any] true - IssuanceUsage [ any] true - RevocationInfo [ freshnessTime] P1DT4H14M43S - RevocationResult [ value] 0 - OCSPResponse [ location] Wire [ url] http://ocsp.entrust.net/MEUwQzBBMD8wPTAJBgUrDgMCGgUABBQsSqZpWQuWOxHU9pAda%2B7Lf6V20AQUaJDkZ6SmU4DHhmak8fdLQ%2FuEvW0CBEVrmtw%3D [ fileRef] 6877B90FD8FF62D3352B55767E83F2315015C124.bin [ issuerName] Entrust Root Certification Authority - ChainElement - Certificate [ fileRef] BEE772B3190AC84BF831F9607D9889EC6A966C16.cer [ subjectName] Entrust Root Certification Authority - SignatureAlgorithm [ oid] 1.2.840.113549.1.1.5 [ hashName] SHA1 [ publicKeyName] RSA - PublicKeyAlgorithm [ oid] 1.2.840.113549.1.1.1 [ publicKeyName] RSA [ publicKeyLength] 2048 - TrustStatus - ErrorStatus [ value] 0 - InfoStatus [ value] 102 [ CERT_TRUST_HAS_KEY_MATCH_ISSUER] true 
[ CERT_TRUST_HAS_PREFERRED_ISSUER] true - ApplicationUsage [ any] true - IssuanceUsage [ any] true - RevocationInfo [ freshnessTime] PT23H38M30S - RevocationResult [ value] 0 - OCSPResponse [ location] Wire [ url] http://ocsp.entrust.net/MEUwQzBBMD8wPTAJBgUrDgMCGgUABBSgLXLbL4La7i%2B3dMpUpZCcZtKubgQU6r8QpQEelY%2FJVbRnYKSP%2FYsPErQCBEKHLUw%3D [ fileRef] 6AF47350D4B7AFC4ADC41DE65F5F3C5DDE15AEFC.bin [ issuerName] Entrust.net Secure Server Certification Authority - ChainElement - Certificate [ fileRef] 99A69BE61AFE886B4D2B82007CB854FC317E1539.cer [ subjectName] Entrust.net Secure Server Certification Authority - SignatureAlgorithm [ oid] 1.2.840.113549.1.1.5 [ hashName] SHA1 [ publicKeyName] RSA - PublicKeyAlgorithm [ oid] 1.2.840.113549.1.1.1 [ publicKeyName] RSA [ publicKeyLength] 1024 - TrustStatus - ErrorStatus [ value] 0 - InfoStatus [ value] 10A [ CERT_TRUST_HAS_KEY_MATCH_ISSUER] true [ CERT_TRUST_IS_SELF_SIGNED] true [ CERT_TRUST_HAS_PREFERRED_ISSUER] true - ApplicationUsage - Usage [ oid] 1.3.6.1.5.5.7.3.1 [ name] Server Authentication - Usage [ oid] 1.3.6.1.5.5.7.3.2 [ name] Client Authentication - Usage [ oid] 1.3.6.1.5.5.7.3.3 [ name] Code Signing - Usage [ oid] 1.3.6.1.5.5.7.3.4 [ name] Secure Email - Usage [ oid] 1.3.6.1.5.5.7.3.6 [ name] IP security tunnel termination - Usage [ oid] 1.3.6.1.5.5.7.3.7 [ name] IP security user - Usage [ oid] 1.3.6.1.5.5.8.2.2 [ name] IP security IKE intermediate - Usage [ oid] 1.3.6.1.5.5.7.3.8 [ name] Time Stamping - Usage [ oid] 1.3.6.1.4.1.311.10.3.4 [ name] Encrypting File System - IssuanceUsage [ any] true - EventAuxInfo [ ProcessName] webstore.exe - CorrelationAuxInfo [ TaskId] {D6586820-FBBF-47C8-AEB6-0352BC076439} [ SeqNumber] 17 - Result The revocation function was unable to check revocation because the revocation server was offline. [ value] 80092013
July 15th, 2011 12:34pm

What is not working? Please provide details. Why are customers not able to pay for their merchandise? What is failing? Do you have a web server? Do you have a certificate on the web server for SSL? What is the certificate 68E257C0229BF273A9D296DD6406BF61763C64C4.cer [subjectName] secure.authorize.net used for in your environment? What is the end user certificate that you are using on your web server?

Export the certificate used to lock down the W2k3 IIS web site (public key only, not the private key), copy it to the folder c:\test, and then open a cmd prompt (open with Run as administrator if on a W2k8 machine). In the administrative cmd prompt, run:

psexec -s cmd
certutil -verify -urlfetch NameCert.cer > CertVerify.txt

Do you have revocation errors in the CertVerify.txt? What is the web server used for in your environment? You said you disabled Web Proxy Automatic Discovery (WPAD). Do you have ISA firewall?

Automatic Discovery for Firewall and Web Proxy Clients
http://technet.microsoft.com/en-us/library/cc713344.aspx

Sumesh P - Microsoft Online Community Support
July 25th, 2011 1:58pm
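
An added example, not part of any poster's reply: a PowerShell summary of the error-level CAPI2 events (such as the 53 and 11 events quoted in this thread) grouped by process, result code, proxy error and the URL or certificate subject involved, to show which revocation endpoints fail and how often. Element and attribute names are taken from the event dumps above; their nesting in the raw event XML is an assumption, and the log must already be enabled.

```powershell
# Added example. Element/attribute names come from the event dumps in this thread;
# their nesting in the raw event XML is assumed. Run from an elevated prompt.
$log = 'Microsoft-Windows-CAPI2/Operational'

function Get-AttrValue($xml, $xpath) {
    # String values of every attribute node matched by $xpath (empty array if none).
    @($xml.SelectNodes($xpath) | ForEach-Object { $_.Value })
}

$rows = Get-WinEvent -FilterHashtable @{ LogName = $log; Level = 2 } -MaxEvents 500 |
    ForEach-Object {
        $evt = $_
        $x = [xml]$evt.ToXml()
        # local-name() keeps the XPath independent of the provider's XML namespace.
        $result = Get-AttrValue $x "//*[local-name()='UserData']/*/*[local-name()='Result']/@value"
        # e.g. 2F92 = 12178, ERROR_WINHTTP_AUTODETECTION_FAILED (proxy auto-detection).
        $proxy  = Get-AttrValue $x "//*[local-name()='Error']/@value"
        $proc   = Get-AttrValue $x "//*[local-name()='EventAuxInfo']/@ProcessName"
        # Event 53: the URL being retrieved.
        $urls   = @($x.SelectNodes("//*[local-name()='URL']") |
                    ForEach-Object { $_.InnerText })
        # Event 11: subjects of chain elements whose RevocationResult is not 0.
        $failed = Get-AttrValue $x ("//*[local-name()='ChainElement']" +
            "[.//*[local-name()='RevocationResult'][@value!='0']]" +
            "/*[local-name()='Certificate']/@subjectName")
        New-Object PSObject -Property @{
            EventId    = $evt.Id
            Process    = $proc -join ','
            Result     = $result -join ','
            ProxyError = ($proxy | Select-Object -Unique) -join ','
            Target     = ($urls + $failed) -join ';'
        }
    }

# Most frequent failure signatures first.
$rows | Group-Object EventId, Process, Result, ProxyError, Target |
    Sort-Object Count -Descending |
    Format-Table Count, Name -AutoSize -Wrap
```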

This topic is archived. No further replies will be accepted.
