Description of Update 1 for e-Gap Appliance 3.6 and for Microsoft Intelligent Application Gateway 2007

Article translations Article translations
Article ID: 948280 - View products that this article applies to.
Expand all | Collapse all

On This Page

INTRODUCTION

Update 1 is available for e-Gap Appliance 3.6 and for Microsoft Intelligent Application Gateway 2007 (version 3.7). The update functionality is the same for e-Gap Appliance 3.6 and for Intelligent Application Gateway 2007. However, this update is released in the following two kits:
Collapse this tableExpand this table
ProductUpdate nameBuild
e-Gap Appliance 3.6e-Gap3.6-SP1Update-1 (e-Gap v3.6 SP1 Update-1)47
Intelligent Application Gateway (IAG) 2007IAG3.7-SP1Update-1 (IAG v3.7 SP1 Update-1)33

Fixes that are included in the update

This update includes fixes for the following issues.

Issue 1

Consider the following scenario:
  • A client computer can access the e-Gap server or the IAG server only through a proxy server.
  • On the client computer, the proxy settings in the Internet Options are not explicitly configured. For example, the client computer uses automatic discovery or a configuration script for proxy settings.
In this scenario, the client components cannot check the server's identity, such as its certificates and its certificate revocation lists (CRL). In this situation, the user is notified that the server's identity cannot be checked. Therefore, the whole functionality of the client components is disabled.

This issue occurs because the client components do not function correctly if the browser is configured to use a configuration URL for proxy settings.

Issue 2

When a client validates the server identity, the client components check the CRL. If the CRL check fails for some reasons, the client components notify the user that the CRL cannot be checked. Therefore, the whole functionality of the client components is disabled.

This update includes the following changes to address this issue:
  • If the Internet Options are configured not to check CRL, the client components do not check the CRL.
  • If the CRL check that uses WinHTTP fails, the client components switch to use Windows Internet Services (WinInet).
  • If the CRL check fails, the user is prompted with an option to skip the CRL check.

    Note If the CRL check discovers that the certificate is revoked the user is prevented from continuing.

Design changes

Additionally, this update includes the following design changes.

Change 1

Currently, customized detection scripts must be signed by Microsoft or by Whale Communications. After you apply this update, the client components will validate the signature only for Microsoft built-in scripts. All customized detection scripts will not require signatures. Customers who want to enforce signature checking for custom scripts can set the following registry entry:

Registry subkey:
HKEY_CURRENT_USER\Software\WhaleCom\Client\Detection

Registry entry: SignedAllScripts
Type: REG_DWORD

To enforce signature checking for custom scripts, set the SignedAllScripts registry entry to 1.

Change 2

This update includes the newest detection script (version 1.65).

MORE INFORMATION

Update information

A supported hotfix is now available from Microsoft. However, it is intended to correct only the problem that this article describes. Apply it only to systems that are experiencing this specific problem.

To resolve this problem, contact Microsoft Customer Support Services to obtain the hotfix. For a complete list of Microsoft Customer Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support
Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

Prerequisites

To apply this update for e-Gap Appliance 3.6, you must have e-Gap Appliance 3.6 Service Pack 1 (version 3.6.1) installed on the computer.

To apply this update for Intelligent Application Gateway 2007, you must have Intelligent Application Gateway 2007 Service Pack 1 (version 3.7.1) installed on the computer.

Restart requirement

You do not have to restart the computer after you apply this update.

Known issues

  • This update does not include offline installation of the client components. If customers want to use offline installation, they must install the offline client components in e-Gap Appliance 3.6 Service Pack 1 or in Intelligent Application Gateway 2007 Service Pack 1. The first time that the user accesses the computer that has this update applied, the client components will upgrade automatically.
  • The instructions in the following file are not updated to align to the new behavior of the signature requirement:
    Whale-Com\e-Gap\von\InternalSite\samples\Detect.inc

REFERENCES

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Properties

Article ID: 948280 - Last Review: July 11, 2008 - Revision: 2.1
APPLIES TO
  • Intelligent Application Gateway 2007
Keywords: 
kbexpertiseinter kbbug kbfix kbqfe KB948280

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com