IE6SP1 and Secure Sites

[Dave-H]

I'm sure I know what the answer to this will be, but I thought I'd ask anyway!

I am just updating an emergency installation of 98SE that I keep on a USB stick.
I have it so I can boot my computer into it in case of a dire fault that prevents me accessing any of the normal operating system drives.
It works fine apart from a problem with the sound, which is for another thread, and I finally yesterday got around to getting the internet access up and running on it.
Ideally I just want to use Internet Explorer to keep it as simple as possible, and I've updated it from IE5 to IE6SP1 with all the latest versions of the files.
Of course I've now found that there are a lot of sites it just won't load, including all the Google sites, which makes it pretty useless!
Basically it seems that any https site now won't work at all, you can't even access it.

This is presumably because of outdated certificates and security protocols, and I accept that there may be no solution to it now, but the strange thing is that one of my own sites, which doesn't use https or any secure protocols to my knowledge, will open in my normal install of IE6 on 98SE, but won't open in the version on the memory stick.
I can only assume that the protocols and/or certificates on my normal installation are more up to date than on the new install, so has anyone got any idea how I can at least make the new installation as up to date as possible in this respect, either by importing/installing an update, or just transferring the necessary files from the other installation?

 

[dencorso]

BlackWingCat has just released his unofficial root certificates update, which works on 9x/ME. Those are the very latest certificates.
Do give it a try, and let's find out whether it improves things somewhat or not.

[LoneCrusader]

Purely hypothetical, but it MIGHT be possible to use some updated files from XP to get secure sites working again under IE6. Even IE8 has issues with these sites unless one has either SP3 for XP x86 or installs specific HotFixes for XP x64 (as there was no SP3, only SP2). I mentioned this before in this thread (and this subsequently linked thread is also related), but I haven't had the chance to do any experimentation and I never use IE for anything anymore if I can help it. The KB articles for the HotFixes I used to fix my XP x64 problem may give an idea what files are necessary to make an attempt.

I wonder whatever happened to maximus-decim and his "cumulative updates" for IE6? If he's still making these packages somewhere then he might be the one who could figure this out...

[dencorso]

maximus-decim probably just lost interest...

But... the latest IE6 upadate for 2k, findable through tomasz86 list/site, should be usable to update m-d's last cumulative update and bring it to a more current, albeit not very current, state. Of course, I don't have the slightest idea whether it actually is worth the effort, but the only way to find that out is by doing it, as you all do know well.

[Dave-H]

Thanks guys and sorry for the delay in replying.
I tried downloading and installing Blackwingcat's latest certificate update file, but it doesn't seem to install.
When I run it I just get a progress window that flashes up for an instant and then vanishes, and checking the entry at HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{EF289A85-8E57-408d-BE47-73B55609861A} it still doesn't seem to be the right version.
Any ideas why it wouldn't be installing as it's supposed to work with 98SE?

 

Edited April 27, 2016 by Dave-H

[Dave-H]

Well I think I might have now got it to install.
I tried in Safe Mode and it wouldn't run at all, so I then tried again in normal mode with everything closed except Explorer.
Nothing looked any different when I ran it, but checking HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{EF289A85-8E57-408d-BE47-73B55609861A} now, it is showing version 46,0,2195,0 installed, which I think is the latest.
Still no joy with IE6 though, it still shows "cannot load page" on Google.

Anything else I can try?
 

[sdfox7]

The only way to load Google on IE 6.0 is to use at least XP with SP3, or on older systems to install an old version of IE, such as 5.5 or lower, which include SSL 2.0, not SSL 3.0.

By installing an old version, it forces Google to serve a non-SSL page. My NT 4.0 system loads Google in IE 5.0 with no problem.

SSL worked on the IE 6.0 until POODLE hit; then webmasters started removing support for ("blocking") SSL 3.0. SSL 2.0 is unaffected.

https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

[Dave-H]

Thanks @sdfox7, but thanks to help from @dencorso, updating the Roots Certificates and spoofing the User Agent, I can now load the basic Google search page in IE6SP1 on Windows 98SE.
What I can't load is Google Advanced Search, as it uses https, or indeed any other https pages.
This seems to be unfixable.

 

[sdfox7]

The following link explains how to force Google to load in non-SSL mode. I'm not sure if it possible to load Advanced Search in non-SSL mode.

How force Chrome to use google.com search engine without https

The resulting webpage is indeed non-https:

http://www.google.com/webhp?nord=1

[sdfox7]

Dave, here is a perfect example of why TLS tends to work better than SSL:

My school uses Office 365 for web based email. With SSL enabled (IE 6.0 default) I cannot even load the page; with SSL 2.0 and 3.0 disabled but TLS enabled, I can load it no problem: