0X80093015

0x80093015 OSS_NULL_FCN Fix: ASN1 Null Function Pointer

Windows Errors Intermediate 👁 1 views 📅 May 30, 2026

This error means Windows can't find or load a critical ASN.1 decoding function. The fix is reinstalling the Cryptographic Services component cleanly.

You hit 0x80093015 — that's a OSS_NULL_FCN from the ASN.1 decoding stack. Frustrating, I know, because the error tells you nothing useful about which function is missing. The core cause: Windows Cryptography Services got corrupted or partially uninstalled, and the ASN.1 parser can't resolve the function pointers it needs to decode certificates, signatures, or PKCS7 blobs.

The Real Fix: Reinstall Cryptographic Services

Skip all the registry tweaks and SFC scans you'll find on forums — they don't address the root problem. What's actually happening here is that the ASN.1 decoder (ossprov.dll and its dependencies) can't load its function table, meaning the DLLs are either missing, mismatched, or the COM registration is broken. The only reliable fix is a clean reinstall of the Cryptographic Services component via DISM.

  1. Open an elevated Command Prompt. Hit Start, type cmd, right-click Command Prompt, choose "Run as administrator."
  2. Run this DISM command exactly: 
    dism /online /cleanup-image /restorehealth
    This scans the component store and replaces any corrupted or missing files — including ossprov.dll, crypt32.dll, and the ASN.1 support DLLs. Wait for it to complete (100%).
  3. Then re-register the Cryptographic Services: 
    regsvr32 /s ossprov.dll
regsvr32 /s crypt32.dll
regsvr32 /s softpub.dll
    The /s flag suppresses popups. You should see no errors. If any of these fail, you've got deeper corruption — skip to the Less Common Variations section.
  4. Reboot. Not optional. The service needs a clean start to load the restored function table.

After reboot, test your original operation (update, certificate import, code signing, whatever triggered it). The error should be gone.

Why Reinstalling Cryptographic Services Works

The error code 0x80093015 maps to OSS_NULL_FCN in the ASN.1 runtime. The ASN.1 decoder uses a function pointer table — think of it as an array of addresses for each decoding operation (BER, DER, CER, etc.). When ossprov.dll loads, it queries the registry for the path to these function tables. If the registry entry is missing, the DLL can't find the pointer, returns null, and you get OSS_NULL_FCN.

DISM's /restorehealth doesn't just fix file hashes — it also repairs COM registration entries in the registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography. That's the missing link. Without those registry keys, even the correct DLLs won't load their function tables. The regsvr32 steps then force the DLLs to re-register their COM interfaces, which rebuilds those registry entries from scratch.

The reason step 3 works is that regsvr32 calls each DLL's DllRegisterServer export, which writes the necessary CLSIDs and function table paths back into the registry. The ASN.1 decoder then finds its pointers on the next load.

Less Common Variations of This Error

Sometimes the standard fix doesn't cut it. Here's what else you might run into:

  • Windows Update Error 0x80093015: This usually happens when Windows Update tries to verify a signed catalog file (.cat) and can't decode the PKCS7 signature. The fix above works 90% of the time. If it doesn't, try wuauclt /detectnow after the repair to force a new update check.
  • Code Signing Tools (SignTool.exe) Fail: If you're signing drivers or executables and get OSS_NULL_FCN, the issue might be a corrupted signing certificate in your personal store. Export the certificate and re-import it into Cert:\CurrentUser\My. Then re-register mssign32.dll:
regsvr32 /s mssign32.dll
  • IIS or Schannel (TLS/SSL) Error: If this error appears in System Event log with source Schannel, it means the TLS handshake failed because the server certificate's ASN.1 structure couldn't be decoded. The fix is the same DISM + regsvr32 approach, but you might also need to re-import the server certificate via IIS Manager (not just CertMgr).
  • Custom Applications Using CryptoAPI: Some third-party apps call CryptDecodeObject directly. If they hit OSS_NULL_FCN, it's almost always a corrupted Crypt32.dll copy — not the system one, but a local copy bundled with the app. Replace that copy with the system version from C:\Windows\System32.

Prevention: Keep Cryptographic Services Healthy

You don't want to chase this error again. Three rules:

  1. Never manually delete or move files in C:\Windows\System32\catroot or C:\Windows\System32\catroot2. Those folders hold the catalog database that Cryptographic Services uses. Corrupting them is a one-way ticket to 0x80093015 and worse.
  2. Run DISM and SFC monthly. Not weekly — that's overkill. But once a month, after Patch Tuesday, run dism /online /cleanup-image /restorehealth followed by sfc /scannow. Keeps the component store clean.
  3. Watch what you uninstall. Some "system cleaner" tools (CCleaner, certain registry cleaners) removed Cryptographic Services from the uninstall list on older Windows builds. Windows 10/11 protect it better, but third-party drivers or badly written uninstallers can still zap registry entries. If you see CryptSvc missing in services.msc, you've got bigger problems — restore from a backup or do a repair install.

Bottom line: 0x80093015 is a registry problem, not a file problem. DISM fixes the files; regsvr32 fixes the references. Do both, reboot, and you're done.

Was this solution helpful?

0x80093015 OSS_NULL_FCN ASN1 error Windows certificate error 0x80093015 fix 0x80093015 cryptographic services reinstall Windows update error 0x80093015 PKCS7 decoding failure schannel error code signing error