CSS3111 and CSS3114 issue

CSS3114: @font-face failed OpenType embedding permission check. Permission must be Install-able. CSS3114 usually occurs when the source of the EOT file was a locked TTF file. CSS3114 is always accompanied by the “mythical” CSS3111 error, but solving CSS3114 automatically fixes both, as CSS3111 in that case is provoked by CSS3114.

All TTF files will have an “embedded” flag stored in them. This flag determines whether the font can be embedded in a file or on a website or whether such actions are prohibited. There is a great free tool that allows to alter the flag — TTFPATCH. However it is not legal.

CSS3111: @font-face encountered unknown error. This error is caused by an issue with the font’s binary source. One of the popular online — TTF to EOT converters for e.g. produces EOT files with a NAME table that doesn’t comply to the Microsoft standards, which results in EOT fonts that never load in IE and produce the CSS3111 error. A list of different TTF to EOT converter or font face generator:

• http://www.fontsquirrel.com/fontface/generator
• http://fontface.codeandmore.com
• http://www.font2web.com/

CSS3114 can be resolved by adding the following fixes:

<staticContent>
      <remove fileExtension=".woff" />
      <mimeMap fileExtension=".woff" mimeType="application/octet-stream" />
</staticContent>

under

<system.webServer> in web.config.

To check the if the mimetype is changed, do the following steps

1. Open IIS Manager, Navigate to your webiste

2. Click the MIME Types feature

3. Check the MimeType value of .woff extension

4. Make sure the application/octet-stream is the only value of .woff extension

CSS3111 could be caused by Windows 10 feature called entrusted font blocking. The untrusted font blocking feature can stop users from loading un-trusted fonts that are process by the Graphics Device Interface (GDI). Un-trusted fonts are any fonts that are installed outside the %windir%Fonts directory.

To disable untrusted font blocking using group policy

1. Open Group Policy Management Editor
2. Under local Computer Policy, expand Computer Configuration, expand Administrative Templates, expand System, and then click Mitigation Options.
3. In the Untrusted Font Blocking setting select Do not block untrusted fonts.

To disable untrusted font blocking using registry editor

1. Open Registry Editor (regedit.exe) and go to the following registery subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\
2. If the MitigationOptions key is not there, right click and add a new QWORD (64 bit) value naming it as MitigationOptions.
3. To turn this feature off: Type 2000000000000. and do a computer restart

To disable the firewall

1. Disable the firewall in the registry — HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\EnableFirewall = 0
2. Do a reboot
3. Set it back to 1
4. Reboot again

Useful links:

1. http://marinbezhanov.com/how-to-embed-webfonts-properly-and-how-to-solve-the-ambiguous-css3111-font-face-encountered-unknown-error/
2. http://stackoverflow.com/questions/29338479/font-face-failed-opentype-embedding-permission-check-permission-must-be-instal
3. https://forums.iis.net/t/1234210.aspx?CSS3114+font+face+failed+OpenType+embedding+permission+check+Permission+must+be+Installable+
4. https://github.com/kenwheeler/slick/issues/1887
5. http://stackoverflow.com/questions/33023461/ie-11-error-css3111-in-my-own-code-and-google-com-fonts-doesnt-render-any-fon