'1B6' Error Message and Windows
Many ORC customers receive a message stating that "Error 1B6" has occurred. Below is an
explanation and two potential solutions.
In order to issue a digital certificate to you, ORC must tell your computer to generate a
private/public key pair. A private/public key pair is the core of any PKI digital certificate.
When using Microsoft Internet Explorer, the digital certificates are not really generated
(nor stored) in the web browser. The certificate (and its private/public key pair) are actually
generated and stored in a part of the Microsoft Operating System called the CryptoAPI (or CAPI).
Microsoft Operating Systems later than Windows XP (i.e. Vista and Windows 7), no longer support
'open source' PKI commands. This means that ORC can not direct Windows Vista and Windows 7 to
generate a PKI private/public key pair.
The 1B6 error code is the way that your Microsoft Operating System tells you that a
private/public key pair was not generated.
Microsoft Vista and Windows 7
Windows Vista and Windows 7 can make use of a PKI digital certificate when installed as a finished
item. In other words, once you have a certificate you can install it and use it in Internet
Explorer (and Outlook, etc).
So, if your computer runs on Windows Vista and Windows 7, you can use one of our certificates
with Internet Explorer but you can not create the certificate with Internet Explorer.
What you can do is use the Mozilla Firefox web browser to obtain your certificate, then move it to
If you are not sure what operating system your computer is running, you can go through the
certificate request process. If you receive a message that "Error 1B6" has occurred, you should
try the Mozilla Firefox solution.
Microsoft Windows XP
Some people who run Windows XP also experience the '1B6' error message. However, with Windows XP,
some adjustments to the Internet Explorer browser settings can often resolve this issue.
- In Internet Explorer, click Tools on the menu bar or the Tools icon on upper right hand corner.
- From the menu under Tools, select Internet Options.
- The Internet Options dialog box will open.
- In the Internet Options dialog box, click the Security tab.
- On the Security tab, go to the Internet zone (should be the default selection).
- In the Internet zone ensure that the 'Security' level is set to the lowest possible level.
(Different versions of Internet Explorer have different lables for the Security Level.) You
should come back and re-set the Security Level after you have made your certificate request.
- In the Internet zone, click Custom Level.
- In the Security Settings, scroll down to Scripting section. Ensure that Active Scripting is
set to Enable and click OK.
- On the Security tab, go to the Trusted Sites zone.
- In the Trusted Sites zone, click Sites.
- Find the label that reads "Add this website to the zone:". In the text box beneath, type
"https://eoffer.orc.com" and click the Add button.
- Now type "https://aces.orc.com" in the text box beneath and click the Add button again.
- Click the Close button.
- On the Security tab, if the "Apply" button is not 'grayed out', click the Apply button.
- On the Security tab, click the OK button. The Internet Options dialog box will disappear.
If you still receive the 1B6 Error when you try to make a certificate request, please use the
Mozilla Firefox option below.
Mozilla Firefox is a free web browser. It is, basically, the successor to Netscape Navigator
(Netscape was also a 'Mozilla-based' browser). Mozilla Firefox is a well established, stable,
safe, and well trusted web browser. Firefox has its own, self-contained, certificate store, so it
doesn't care how your operating system processes certificates.
You can find out more about Mozilla and Mozilla Firefox (information, download, installation,
etc.) here: http://www.mozilla.org/
ORC is not asking, nor expecting, you to do all of your business with the GSA through the Firefox
browser. In fact, you must use Internet Explorer to perfrom some functions on the GSA's websites.
But in order to better serve you, we are asking you to obtain the certificate using Firefox.
The entire process would work something like this...
- Download and install Mozilla Firefox.
- Using Mozilla Firefox on this website, make your certificate request.
- Process the request form and send them to ORC (the directions for this is on the request form,
- While you are waiting; do NOT uninstall Firefox, and do NOT allow Firefox to install updates.
- ORC will issue your certificate within 3 to 5 business days of receipt of your certificate
request form (this presumes that the request form 'package' is correct and complete).
- When ORC issues your certificate, we will send you a Certificate Issuance Notification (CIN)
email. The CIN email will have instructions on how to import, test, and make a Back-Up copy
of your certificate. The Back-Up copy is a password protected file.
- You can then take the Certificate Back-Up file and use it to import your certificate into
Internet Explorer. You can also import the certificate onto a different computer (or several
computers if necessary). [NOTE: Only the person that is named on the Certificate may use the
certificate; it is an electronic Identity Credential. But that person may use it on any computer
or application that they desire.] Of course, you should also keep a copy of the Certificate
Back-Up file on removable drive or CD to protect yourself from computer failure.
- Once you have imported the issued certificate, made a Certificate Back-Up file, imported the
certificate into Internet Explorer, and succesfully tested the Certificate in Internet Explorer;
you may uninstall Mozilla Firefox if you do not want it.