1

How to: Enable http CRL Distribution Point on MSCA

Info:

By default Microsoft Certificate Authority (MSCA) does not have http CRL Distribution Points (CDP) enabled. This article covers the steps on enabling this on 2008 R2 based MSCA.

More Info:

We can enable the MSCA to http based CRL Distribution Point with, Open Certification Authority management console and:

  1. Connect to the CA
  2. Right click on the CA object and select Properties
  3. Go to Extensions tab
  4. Select the http location
  5. Check the boxes for “Include in CRLs. Clients use this to find Delta CRL locations” and "Include in the CDP extension of issued certificates"
  6. Click Apply
  7. Click Yes to restarting services
  8. Issue certificate (should have new CDP info on it now)

 

CDP_1.png

2014-08-06_15-08-09.png

CRL_publish.png

0 comments

Post is closed for comments.