INFO: Encryption/Decryption Support for SSL/SSPI on Windows NT 4.0

Article ID: 275592 - View products that this article applies to.
This article was previously published under Q275592
Expand all | Collapse all

SUMMARY

As of Microsoft Windows NT 4.0 Service Pack 4 (SP4), Windows NT 4.0 supports Secure Socket Layer (SSL) and Transport Layer Security (TLS) Encryption and Authentication through the Security Support Provider Interface (SSPI).

MORE INFORMATION

Before the release of SP4 for Windows NT 4.0, the SSPI EncryptMessage and DecryptMessage functions were not supported by the SSL/TLS Security Support Provider. Attempts to call these functions generate error code SEC_E_NOT_SUPPORTED. After you install SP4 or later on Windows NT 4.0, the EncryptMessage and DecryptMessage functions are supported for the SSL/TLS protocols. Microsoft Windows 2000 includes support for SSL/TLS Encryption and Decryption.

Although the EncryptMessage and DecryptMessage functions are supported for the SSL/TLS protocols as of SP4, installing certificates from Microsoft Certificate Server is much easier with Internet Explorer 4.0, because of the ability of Internet Explorer 4.0 to run the Certificate Enrollment control that is published by Certificate Server. For this reason it is preferable for platforms that use the SSL/TLS protocols to have Internet Explorer 4.0 or greater installed.

Internet Explorer 5.01 has a known issue regarding an incorrect internal key. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
247367 Programs and Services that Use SSL or SSPI May Not Work After You Install Internet Explorer 5.01
By design, certificates for use with the SSL/TLS protocols on Windows 95, Windows 98, Windows Millennium Edition, and Microsoft Windows NT 4.0 must have private keys marked as exportable. When this is not the case the SSPI functions InitializeSecurityContext or AcceptSecurityContext will fail with:
0x80090304 - SEC_E_INTERNAL_ERROR.
Windows 2000 SSL/TLS protocols do not have this requirement.

REFERENCES

For more information on using SSL/TLS through SSPI, see the SSPI overview, and the WebClient and WebServer samples in the Microsoft Platform SDK.

Properties

Article ID: 275592 - Last Review: November 19, 2003 - Revision: 1.0
APPLIES TO
  • Microsoft Win32 Application Programming Interface (API), when used with:
    • Microsoft Windows NT 4.0 Service Pack 4
Keywords: 
kbinfo kbkernbase KB275592

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com