# Solved: HTTPS: Error....requested security package does not exist



## HaHo (Jan 25, 2009)

About a week ago two things happened on our computer, but I am not sure they are related. First, we lost fast user switching. I have tried several things to resolve this problem, but I am giving up on it for now (perhaps forever). We dont really need it. 

More importantly we lost access to websites which require a secure log on. Internet Explorer 7 (only browser we are currently using) works perfectly except for when we try to log on to Yahoo mail, our credit card or our bank log on page. If we do this, the screen comes up with the following: Internet Explorer cannot display the web page. Also on the page are the 3 general causes and the button to click to diagnose problems. I clicked this button. I ran Nework Diagnostics for Windows XP. When I ran the Network Diagnostic it said:

*Windows cannot connect to the internet using HTTP, HTTPS or FTP. This is probably caused by firewall settings on this computer.*

*Check the firewall settings for the HTTP port (80), HTTPS port (443) and FTP port (21)*

*You might need to contact your Internet service provider (ISP) or the manufacturer of your firewall software.*

Underneath this there was the button: *View diagnostic log*

I clicked on it and this was the diagnostic log:


Last diagnostic run time: 01/29/09 18:43:04 
HTTP, HTTPS, FTP Diagnostic 
HTTP, HTTPS, FTP connectivity 

warn
HTTPS: Error -2146893051 connecting to www.microsoft.com: The requested security package does not exist 
warn
HTTPS: Error -2146893051 connecting to www.passport.net: The requested security package does not exist 
info
HTTP: Successfully connected to www.microsoft.com.
warn
FTP (Passive): Error 12031 connecting to ftp.microsoft.com: The connection with the server was reset 
warn
FTP (Active): Error 12031 connecting to ftp.microsoft.com: The connection with the server was reset 
error
Could not make an HTTPS connection.
error
Could not make an FTP connection.
info
Redirecting user to support call



DNS Client Diagnostic 
DNS - Not a home user scenario 

info
Using Web Proxy: no
info
Resolving name ok for (www.microsoft.com): yes

No DNS servers 


DNS failure 




Gateway Diagnostic 
Gateway 

info
The following proxy configuration is being used by IE: Automatically Detect Settingsisabled Automatic Configuration Script: Proxy Server: Proxy Bypass list: 
info
This computer has the following default gateway entry(ies): 192.168.1.1
info
This computer has the following IP address(es): 192.168.1.33
info
The default gateway is in the same subnet as this computer
info
The default gateway entry is a valid unicast address
info
The default gateway address was resolved via ARP in 1 try(ies)
info
The default gateway was unreachable via ICMP Ping
info
The default gateway was not visible via TraceRoute
info
TCP port 23 on host 192.168.1.1 was successfully reached
info
The default gateway was reachable via TCP
info
TCP port 80 on host 207.46.193.254 was successfully reached
info
The Internet host www.microsoft.com was successfully reached
info
The default gateway is OK



IP Layer Diagnostic 
Corrupted IP routing table 

info
The default route is valid
info
The loopback route is valid
info
The local host route is valid
info
The local subnet route is valid

Invalid ARP cache entries 

action
The ARP cache has been flushed



IP Configuration Diagnostic 
Invalid IP address 

info
Valid IP address detected: 192.168.1.33



Wireless Diagnostic 
Wireless - Service disabled 


Wireless - User SSID 


Wireless - First time setup 


Wireless - Radio off 


Wireless - Out of range 


Wireless - Hardware issue 


Wireless - Novice user 


Wireless - Ad-hoc network 


Wireless - Less preferred 


Wireless - 802.1x enabled 


Wireless - Configuration mismatch 


Wireless - Low SNR 




WinSock Diagnostic 
WinSock status 

info
All base service provider entries are present in the Winsock catalog.
info
The Winsock Service provider chains are valid.
info
Provider entry MSAFD Tcpip [TCP/IP] passed the loopback communication test.
info
Provider entry MSAFD Tcpip [UDP/IP] passed the loopback communication test.
info
Provider entry RSVP UDP Service Provider passed the loopback communication test.
info
Provider entry RSVP TCP Service Provider passed the loopback communication test.
info
Connectivity is valid for all Winsock service providers.



Network Adapter Diagnostic 
Network location detection 

info
Using home Internet connection

Network adapter identification 

info
Network connection: Name=Local Area Connection, Device=Broadcom NetXtreme 57xx Gigabit Controller, MediaType=LAN, SubMediaType=LAN
info
Ethernet connection selected

Network adapter status 

info
Network connection status: Connected



HTTP, HTTPS, FTP Diagnostic 
HTTP, HTTPS, FTP connectivity 

warn
FTP (Passive): Error 12031 connecting to ftp.microsoft.com: The connection with the server was reset 
warn
HTTPS: Error -2146893051 connecting to www.microsoft.com: The requested security package does not exist 
warn
HTTPS: Error -2146893051 connecting to www.passport.net: The requested security package does not exist 
info
HTTP: Successfully connected to www.microsoft.com.
warn
FTP (Active): Error 12031 connecting to ftp.microsoft.com: The connection with the server was reset 
error
Could not make an HTTPS connection.
error
Could not make an FTP connection.



The following is what the computer system looks like.

Dell Dimension 8400 desktop, Pentium 4, 3.00GHz, 1.00GB RAM
Windows XP Pro SP3
Single machine (i.e. not networked)
PC-cillin Internet Security 2007 always up to date
IE7 for browser.
Internet service provider: MTCO
ZyXEL PRESTIGE 600 SERIES, Prestige 645,ADSL Router
It is directly wired (nothing wireless)

We are actually running two firewalls, Windows XP Pro's and PC-cillins and have been for the last 3 years with no problems. I turned them both off to see if that would have any affect, but it didnt. They are both running at the present time.

Any advice on what to do?

Thanks in advance,

HaHo


----------



## TOGG (Apr 2, 2002)

I don't know anything about fast user switching so I can't comment on the possibility that your attempts to correct that problem could have affected your HTTPS problem (although it's hard to see how). 

I am very surprised that you haven't previously had problems as the result of running two firewalls because, as your error message suggests, there is a possibility that a firewall could be involved in the current problem. Did you install or uninstall any programs at about the same time this problem started and have you tried a System Restore to a date before it started?

Https connections need certain IE settings to be checked but, as far as I am aware, they are selected by default so, unless you, or some program you have installed, have amended IE's settings, that shouldn't be the problem. To be sure, go to Tools/Internet Options/Advanced and scroll down to the Security section. The box by 'Use SSL 2.0' should be unchecked while the boxes by 'Use SSL 3.0' and 'Use TLS 1.0' should be checked.

PS. I don't know anything about routers either but I wonder, if your router includes a hardware firewall, whether its settings could be blocking some of the ports mentioned in your error message?


----------



## HaHo (Jan 25, 2009)

Thanks for replying TOGG. 

Yes I have done a system restore that went back about a week before we had problems and then I did one about 2 months before we had any problems. Neither one allowed us to log on to secure sites. We don't think we installed or uninstalled any programs at this time. However, we could have downloaded something unknowingly, or even knowingly. 

I went into <Tools> <Internet Options> <Advanced> <Reset>. This got rid of all temporary files, browser add ons and it reset all changed settings. The box by 'Use SSL 2.0' is unchecked while the boxes by 'Use SSL 3.0' and 'Use TLS 1.0' are checked by default. I also went to <Tools> <Internet Options> <General> and then in the Browsing history section<Delete> and then the last section<Delete all...> This didn't help.

To determine the router settings I clicked on <Start> <Control Panel> <Network Connections> and then for our computer it was right click on <Local Area Connection><Properties> and then in the section: This connection uses the following items and then I highlight <Internet Protocol (TCP/IP)> and then click <Properties> it is set up like the ZyXEL manual has it. When I type in at the command prompt: IPCONFIG or IPCONFIG /ALL, everything apprears to be correct with the manual.

When I try pinging at the command prompt, I get the following. The IP Address is successful 4 of 4 times. When I ping the Default gateway, DHCP Server and DNS Servers (which are all the same address) 4 of 4 times I get the message: Request timed out.

Googling the problem turned up one solution to a problem (HTTPS: Error -2146893051) similar to ours. You can view it at the following URL: http://www.eggheadcafe.com/software/aspnet/30783271/ie7-misssing-security-pac.aspx They were able to log on to secure sites with Mozilla's Firefox. We installed Firefox, and it also allowed us to log on to secure sites. This solves the problem fairly well. I was going to uninstall IE 7, but did not because that did not work for them. 

We are interested in getting IE 7 to work with HTTPS if it is fairly easy. However, now that we know we can use Firefox for HTTPS it isn't nearly as important.


Thanks,

 HaHo


----------



## TOGG (Apr 2, 2002)

I meant to ask you if you had tried any alternative browsers but forgot!.

If you haven't already got it, I suggest that you look into the NoScript exstension for Firefox. It's an excellent aid to security (as long as you don't go around 'globally allowing' everything). Also, check out the IETab which allows you to collect Windows updates with Firefox by using some elements of IE.

I think you will find that you can't uninstall IE because it's so integrated with Windows (they share some components I think).


----------



## HaHo (Jan 25, 2009)

Thanks, I added NoScript 1.9 to Firefox.

I could maybe get rid of IE 7 in <Control Panel> <Add Remove Programs>, but I just don't think it is going to fix anything. I guess I was hoping there was some silver bullet out there.

We can get by with things the way they are without to much hassle. Our computer is 3 years old. Hopefully it can hang on until Windows 7 comes out in a year or so.


----------



## HaHo (Jan 25, 2009)

What the problem was, was my firewall/anti-virus/anti-spyware program (Trend Micros's PC-cillin Internet Security.

I realized that Outlook Express wasn't working also. In Outlook Express I went into <Tools> <Accounts> I clicked on the <Mail> tab, I only had one account and that was highlighted, I clicked on <Properties> <Advanced> and in the Server Port Numbers section I unclicked for both incoming and outgoing mail the use of SSL. Outlook Express then worked. I then read and realized that maybe my firewall was blocking the ports.

I completely turned off/closed out of PC-cillin (I don't know how to shut it off within PC-cillin, because everything obvious to me like turning off the firewall and turning off e-mail filters didn't work) and then Outlook Express worked.

I got on a chat line with Trend Micro telling them that I thought PC-cillin was blocking the ports for my incoming and outgoing e-mail. They said that they would allow me to upgrade for free and that it might solve my problem. I unistalled my old PC-cillin program and installed the new PC-cillin and everything works perfectly including credit card and bank logon pages.


----------

