FIX: The SQL Server Integration Services (SSIS) service does not start when you install SQL Server 2005 SP1 on a computer that is already running the SSIS service

When you install Microsoft SQL Server 2005 Service Pack 1 (SP1) on a computer that is already running SQL Server Integration Services (SSIS), the SSIS service will not start, and the following error message is logged in the system event log: Note This issue may also occur with the Notification Services (NS) service.

This issue occurs because the affected computer cannot reach the http://crl.microsoft.com Web site. This issue occurs because the following behavior occurs:

• When the Microsoft .NET Framework starts the SSIS service, the .NET Framework calls the CryptoAPI function to verify the certificates that are assigned to the SQL Server assembly files.
• The CryptoAPI function checks a Certificate Revocation List (CRL) that is available at the http://crl.microsoft.com Web site. This action requires an Internet connection.
• If the Internet connection is blocked, the outgoing HTTP requests may be dropped. Therefore, an error message is not returned. Additionally, the long delay causes the CRL check to time out.
• The Service Control Manager (SCM) determines that the SSIS service is taking too long to start. Therefore, the SCM reports the error message, and the SSIS service is not started.

To resolve this issue, install the cumulative hotfix package (build 2153) for Microsoft SQL Server 2005. For more information about how to obtain the cumulative hotfix package (build 2153) for SQL Server 2005, click the following article number to view the article in the Microsoft Knowledge Base: Note If you apply the hotfix that is described in Microsoft Knowledge Base article 918222, the problem is resolved. However, the startup of the service is slow.

You must install all component packages in the order in which they are listed in this article. If you do not install the component packages in the correct order, you may receive an error message. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

To resolve this issue, use one of the following methods.

Method 1: Configure proxy settings

Make sure that the proxy settings are configured correctly for the service account to access the Internet. For more information about how to use the Proxycfg.exe tool to modify your WinHTTP proxy settings, click the following article number to view the article in the Microsoft Knowledge Base: Microsoft Knowledge Base article 841641 also helps you configure a specific proxy setting if you are running services as a non-interactive account.

Method 2: Configure the firewall

Configure your firewall to return a failure status to the application quickly if the firewall blocks access to the http://crl.microsoft.com Web site.

Note: For more information, see your firewall documentation or contact your firewall provider.

Microsoft has confirmed that this is a bug in the Microsoft products that are listed in the "Applies to" section.

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

For more information about Certificate Revocation Lists, click the following article number to view the article in the Microsoft Knowledge Base: