When you try to start a digitally signed Microsoft .NET Framework 2.0 Windows application or Windows service, the application starts very slowly. Digitally signed Windows services may time out during startup, and you receive the following error message from the Service Control Manager:
Error 1053: The service did not respond to the start or control request in a timely fashion.
This problem occurs because the application must download the Certificate Revocation List (CRL) for authentication. However, a lack of network connectivity causes the download to fail by timing out. For example, a firewall may potentially block the download. When Windows first starts, the network connection is not yet initialized.
To resolve this problem, use one of the following methods.
Cache the certificates locally.Note
The certificate will expire within 15 days.
Minimize the default network time-out setting.
For more information about how to change the default time-out, click the following article number to view the article in the Microsoft Knowledge Base:
You receive the "403.13 client certificate revoked" error message after you install the MS04-11 security update
For a Windows service, you can increase the default time-out setting to allow for the service to start. To do this, follow these steps:
- Click Start, click Run, type regedit, and then click OK.
- Locate the following registry subkey:
- On the Edit menu, point to New, and then click DWORD Value.
- Type ServicesPipeTimeout, and then press ENTER.
- Right-click ServicesPipeTimeout, and then click Modify.
- In the Value data box, type the desired time-out value in milliseconds (ms), and then click OK. For example, if the new service time-out should be 60 seconds, type 60000 in the Value data box.
- On the File menu, click Exit.
- Restart the computer.
Note You must restart the computer for the Service Control Manager to apply this change.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.