server giving msxml3.dll error '80072f7d' when trying to access secure url

来源：http://stackoverflow.com/questions/23216981/server-giving-msxml3-dll-error-80072f7d-when-trying-to-access-secure-url

For years I have used classic asp to connect to the secure site of a supplier using msxml3.dll - but since this morning, I am getting;

msxml3.dll error '80072f7d' An error occurred in the secure channel support

I have had a good look around and can see that I am not the only one to have seen this - but cannot find a solution.

The partner site has just updated their ssl certificate. If I try to connect to the remote url from the server using IE or Chrome, it fails to connect reporting a nonvalid digital signature on the site's certificate. However, if I try to connect from my local computer, it works without a problem and I can see that the server identity has been correctly established.

Any help would be really appreciated.

ssl asp-classic msxml3

shareimprove this question

asked Apr 22 '14 at 10:30

aaronjelias
514

 

 

Server is running Windows 2003 –  aaronjelias Apr 22 '14 at 10:31

 

Heartbleed has a lot to answer for. :) –  Lankymart Apr 22 '14 at 10:52 

 

This probably won't make any difference, but you could try modifying your code to use msxml6 -Server.CreateObject("Msxml2.ServerXMLHTTP.6.0") –  John Apr 22 '14 at 12:37

 

@John - tried that but I get the same error - just with msxml6.dll instead. –  aaronjelias Apr 24 '14 at 6:53

add a comment

1 Answer

activeoldestvotes

up vote2down vote

In Microsoft Windows Server 2003, applications that use the Cryptography API (CAPI) cannot validate an X.509 certificate. This problem occurs if the certificate is secured by the Secure Hash Algorithm 2 (SHA2) family of hashing algorithms. Applications may not work as expected if they require the SHA2 family of hashing algorithms.

http://support.microsoft.com/kb/938397 fixed the problem for me.