How to defeat the 80048821 error in Escargot MSN under Windows XP

I've stated many a time how much of an awesome job the Escargot project is doing at bringing MSN and Windows Live Messenger back to life. However, there is 1 main downside. MSN Messenger 4.7 and higher will not work under Windows XP. If you try to log into your Escargot account with MSN Messenger 4.7 or higher under Windows XP, you will receive the dreaded

Error 80048821
! Simply put, this happens because Escargot's servers are configured to use an SSL (Secure Socket Layer) protocol that Windows XP doesn't support very well. SSL is used to encrypt data transferred over the internet so that it cannot be spied on by outside hackers. If anyone did manage to intercept an SSL-encrypted data stream, it would just appear to be a bunch of letters and symbols of use to no one. If you try to visit an SSL-based site with Internet Explorer 8 under Windows XP, you'll most likely get a big fat error saying
Internet Explorer cannot display the web page
. But turn that frown upside down, because I have the solution to all your Windows XP Escargot problems!

Before getting started

There are a couple of things to note before following this guide.

So, without any further ado, let's proceed!

Side 1: building trust

Security certificates expire, certificate types change, and new certificate vendors come on the scene. This means that we need to keep our root certificates up to date so that the operating system, Windows XP in this case, knows that any connections made by client applications can still be trusted. Fortunately, updating the root certificates on Windows XP is both fast and easy.

  1. Download the root certificate updater by following this link
  2. Extract the contents of the zip file to a location of your choice.
  3. navigate to the location of the extracted files and press enter on the registry file named
    DL_URL_UPD.reg
    . A dialogue will appear asking if you would like to store the contents of the file in the Windows registry. Press Alt + Y
  4. When the message pops up telling you that the registry entries have been added successfully, press Space or Enter.
  5. Next, navigate to the file called
    Cert_Updater_v1.6.exe
    and press enter to launch the certificate updater tool. You should land on the yes button automatically when the dialogue comes up. If not, tab to the yes button and press Space or Enter.
  6. A terminal window will appear. The tool will run automatically, so just sit back and relax while it does its job. It should only take a couple of minutes.
  7. If all went well, a line will appear at the bottom of the terminal window saying that the certificates were successfully updated. If you're using the NVDA screen reader, you can use the NVDA key plus the up and down arrow keys to read through the terminal output line by line. Press any key on your keyboard when instructed, and the tool will quit.

Side 2: access by proxy

Updating the root certificates is only half the battle. Next, Windows XP's HTTPS connectivity must be enhanced through the use of what is called a proxy server. This is where Prox HTTPS Proxy comes into play.

Getting and setting up Prox is a pain in the backside, so I've compiled an installer file which should make life a whole lot easier for you. Here are the steps to get Prox set up.

  1. First, download my Prox HTTPS Proxy installer and save it to a location of your choice.
  2. Press enter on the installer to launch it.
  3. Tab through the checkboxes and press space to check or uncheck a box. I strongly advise you to check the option to add a shortcut to the program on your desktop, since it provides the quickest and easiest access to the program in my opinion. Once you're satisfied with your choices, tab to the next button and press Space or Enter.
  4. Press Alt + I to start installing the program. Once the installation completes, press Space or Enter on the finish button to quit the installer
  5. Don't run the program yet, there's one more thing to do.

  6. Press Windows + R, type cmd, and press Enter to open the Windows command prompt.
  7. Next, type or paste the following into the command prompt, including the quotation marks.
    "C:\ProxHTTPSProxy\ProxyCertInstall\ProxHTTPS Cert Install.exe"
    . Press Enter to run the command. It will only take a couple of seconds. When the command has finished, type exit and press enter to quit the command prompt.
  8. Finally, press Windows + D to go to the desktop, navigate to your ProxHTTPSProxy shortcut, and press enter to launch the proxy server.

When you run the program for the first time, a Windows security dialogue will come up. If it doesn't come up straight away, press Alt + Tab until you find it, tab to the unblock button and press Space or Enter.

Now, try logging into MSN or Windows Live Messenger, and if you logged in successfully, congratulations!

You can also test your connection by visiting https://m1.escargot.log1p.xyz/650 in Internet Explorer. If you get a 404 error, don't worry. The connection was successful, but the server just couldn't find anything named 650. Note, You will need to have the proxy server running at all times when you want to use MSN or Windows Live or visit a secure (HTTPS) website in Internet Explorer. You can place the ProxHTTPSProxy shortcut in your startup folder if you want. That way, the proxy will fire up automatically when you boot up Windows XP.

Conclusion

I hope this guide has been helpful. A lot of time, hard work and practice went into this guide. If you have any problems, please let me know by Sending me an email.

Credits

Big shoutout to Jonathan Kay (AKA Trekie) for telling me about the certificate updater tool. Trekie has been providing Messenger support for many years, which is why he is also known as the Messenger Geek. Why not check him out!

The certificate updater tool was originally made by an MSFN member. The original zip file, which contains a password, can be found here.