HTTP status and sub-status codes provide valuable information about the issues users come across. One of the code pairs is 500.19 which means “Configuration data is invalid“. However, IIS may show this pair incorrectly if a user drops connection before the browser loads the website completely.
The error message from the Failed Request Tracing log is below. Please note that this error appears during the execution of the Dynamic Compression module.
HttpStatus: 500
HttpReason: Internal Server Error
HttpSubStatus: 19
ErrorCode: An operation was attempted on a non existent network connection (0x800704cd)
Error log when the client drops connectionRead More
Users and servers communicate via unencrypted messages unless the website owners use SSL certificates. A valid SSL certificate ensures that communication is secure. Therefore, someone who intercepts packages in the network cannot read the data. Certificates are useful and easy to configure most of the time. However, in some cases, the connection may become unprotected and you may see the error message ERROR_INTERNET_SEC_CERT_REVOKED or ERR_CERT_REVOKED.
I came across “certificate has been revoked” message in a website hosted at GoDaddy. Everything was fine and SSL certificate was valid. One day, I visited the site and saw this annoying warning page in Chrome and Edge.
ERROR_INTERNET_SEC_CERT_REVOKED in Microsoft Edge
Here is the full error message Microsoft Edge browser displays when the website has a revoked certificate:
This site is not secure
This might mean that someone’s trying to fool you or steal any info you send to the server. You should close this site immediately.
This website’s security certificate has been revoked, so you can’t go there at this time.
Microsoft IIS (Internet Information Server) uses worker processes to handle requests coming from clients. Worker process is actually an instance of the w3wp.exe file. If w3wp.exe crashes, It means your users won’t get service for a short time until the process starts up again. Exception codes 0xc0000005 and 0xe0434352 are some of the most common causes of w3wp.exe crashes. Let’s see what you can do if you see these exception codes in Event Viewer.
Here are the exception descriptions from Event Viewer. Pay attention to the “Faulting module name” values. It may point out the root cause right away.
Event ID: 4096
An unhandled win32 exception occurred in w3wp.exe [3080]. Just-In-Time debugging this exception failed with the following error: Debugger could not be started because no user is logged on.
Check the documentation index for ‘Just-in-time debugging, errors’ for more information.
Event ID: 1000
Faulting application name: w3wp.exe, version: 10.0.14393.0, time stamp: 0x57899b8a
Faulting module name: KERNELBASE.dll, version: 10.0.14393.2608, time stamp: 0x5bd1340d
Exception code: 0xe0434352
Event ID: 1000
Faulting application name: w3wp.exe, version: 10.0.14393.0, time stamp: 0x57899b8a
Faulting module name: OraOps12.dll, version: 2.121.1.0, time stamp: 0x52002676
Exception code: 0xc0000005
Solution for 0xc0000005 and 0xe0434352 exceptions
Looking at the logs above, we see two exception codes which give clues about the root cause:
Exception code 0xc0000005: This error code translates into ERROR_ACCESS_DENIED (Source).
The main suspect is the file permissions. Make sure the application pool identity of your application pool has read and write permissions on the website’s folder (Related topic 1, related topic 2).
Other suspect is the Antivirus software. Check the Antivirus logs to see if there is any record indicating the file access block. Try temporarily disabling any antivirus software and monitor the system. Additionally, HIPS (intrusion prevention system) may cause this error as well.
Look for clues based on the faulting module name. In my case, it is OraOps12.dll which is a part of Oracle Data Access Components (ODAC). Upgrading or repairing the corresponding module may fix the issue.
Exception code 0xe0434352: CLR (Common Language Runtime) uses this generic exception code when there is an internal issue in the application. When the application throws System.NullReferenceException or System.ArgumentException error, CLR records exception code 0xe0434352 in the background.
It is not straightforward to solve these kind of issues because the root cause is not clear. I would recommend debugging the application in Visual Studio to get more details about the issue. If you don’t have access to the source code, you can use DebugDiag or WinDbg to for further analysis (A related topic).
