On a domain controller that hosts an enterprise certification authority (CA), 2007 Microsoft Office applications display revoked signatures as valid. This behavior occurs if the revocation information is completely unavailable to the client. However, the Office applications should display a warning that states that the validity of the signature cannot be verified at that time.
To fix resolve this problem, follow these steps:
- Install the hotfix package that was released on August 26, 2008.
For more information about the hotfix package, click the following article number to view the article in the Microsoft Knowledge Base:
956506
(http://support.microsoft.com/kb/956506/
)
Description of the 2007 Office system hotfix package (Mso.msp): August 26, 2008
- Set the FailOnCRLServerOffline registry entry. To do this, follow these steps:
- Start Registry Editor.
- In Windows Vista, click Start
Collapse this imageExpand this image
Collapse this imageExpand this image
- In Windows XP, click Start, click Run, type regedit in the Open box, and then click OK.
- Locate and then right-click the following registry subkey:
HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Signatures
- On the Edit menu, point to New, and then click DWORD Value.
- Type FailOnCRLServerOffline, and then press ENTER.
- Right-click FailOnCRLServerOffline, and then click Modify.
- In the Value data box, type 1, and then click OK.
- On the File menu, click Exit to exit Registry Editor.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Back to the top
